Difference between pages "Package:Sshguard" and "Package:Gzip"

(Difference between pages)
 
 
Line 1: Line 1:
 
{{Ebuild
 
{{Ebuild
|Summary=protects hosts from brute force attacks against ssh
+
|Summary=Gzip is the standard GNU compressor/decompressor, used to create and expand .gz archives.
|CatPkg=app-admin/sshguard
+
|CatPkg=app-arch/gzip
|Maintainer=
+
|Maintainer=Oleg,
 +
|Repository=Funtoo Overlay
 
}}
 
}}
__TOC__
+
Our forked version of Gzip adds a patch to add the <tt>--rsyncable</tt> option, which creates an "rsync-friendly" archive. This option used by <tt>vzdump>/tt> utility
'''sshguard''' is an intrusion prevention system.  sshguard parses server logs, determines malicious activity, and then bans malicious users via firewall rules.  sshguard is written in C so it does not tax an interprator.
+
  
== Installation ==
+
Here is the full description of this option:
=== Emerge ===
+
To install sshguard:
+
  
<console>
+
<blockquote>
###i## emerge app-admin/sshguard
+
"While compressing, synchronize the output occasionally based on the
</console>
+
inputThis reduces compression by about 1 percent most cases, but
 
+
means that the <tt>rsync</tt> program can take advantage of similarities
=== Configuration ===
+
in the uncompressed input when syncronizing two files compressed with
sshguard does not have a configuration filesshguard is controlled by flags passed to it upon execution.
+
this flag.  <tt>gunzip</tt> cannot tell the difference between a
 
+
compressed file created with this option, and one created without it."
/etc/conf.d/sshguard is where flags & log path can be passed to the sshguard service.
+
</blockquote>
 
+
==== Rules ====
+
{{file|name=/etc/conf.d/sshguard|desc=overly strict rules|body=
+
SSHGUARD_OPTS="-p 3600 -s 3600 -a 20"}}
+
 
+
==== Logs ====
+
sshguard will fail to start unless it has proper authorization logs to monitor.
+
 
+
{{file|name=/etc/conf.d/sshguard|desc=syslog-ng log location|body=
+
SSHGUARD_OPTS="${SSHGUARD_OPTS} -l /var/log/messages"}}
+
 
+
== Iptables ==
+
=== IP v4 ===
+
Generate blank iptables rules, and start iptables as outlined [[Iptables#First_Run|here]].
+
 
+
Insert these rules to allow sshguard to ban malicious users.
+
 
+
<console>
+
###i## iptables -N sshguard
+
</console>
+
 
+
&& to block all trafic from offenders
+
 
+
<console>
+
###i## iptables -A INPUT -j sshguard
+
</console>
+
 
+
== Boot Service ==
+
=== OpenRC ===
+
To start sshguard immediately:
+
<console>
+
###i## rc-service sshguard start
+
</console>
+
 
+
To start sshguard upon reboot:
+
<console>
+
###i## rc-update add sshguard default
+
</console>
+
 
+
== External Resources ==
+
*http://www.sshguard.net/
+
*http://www.ohloh.net/p/sshguard
+
 
+
[[Category:Security]]
+
[[Category:Server]]
+
 
{{EbuildFooter}}
 
{{EbuildFooter}}

Revision as of 12:23, June 27, 2014

app-arch/gzip


Current Maintainer(s):Oleg Vinichenko
Source Repository:Repository:Funtoo Overlay


Summary: Gzip is the standard GNU compressor/decompressor, used to create and expand .gz archives.


News

Drobbins

IP Space Migration Continues

All Funtoo user containers in the 8.28 IP space will be moving into our new IP space (172.97) over the next few days. If you have DNS set up -- be sure to watch your container and update to the new IP! container.host.funtoo.org DNS will be updated after the move.
2015-08-27 by Drobbins
Drobbins

Funtoo Hosting IP Move

Funtoo user containers with IPs in the 72.18.x.x range will be gradually migrating to new IP addresses this week. If you have DNS entries for your containers, please be aware that your DNS will need to be updated.
2015-08-11 by Drobbins
Drobbins

New ARM Stages

New ARM Stages, built with a new toolchain, are now hitting mirrors. Existing ARM users should re-install using these stages (dated Aug 3, 2015 or later,) rather than upgrade using emerge.
2015-08-06 by Drobbins
More...

Gzip

Tip

We welcome improvements to this page. To edit this page, Create a Funtoo account. Then log in and then click here to edit this page. See our editing guidelines to becoming a wiki-editing pro.

Our forked version of Gzip adds a patch to add the --rsyncable option, which creates an "rsync-friendly" archive. This option used by vzdump>/tt> utility

Here is the full description of this option:

"While compressing, synchronize the output occasionally based on the input. This reduces compression by about 1 percent most cases, but means that the <tt>rsync</tt> program can take advantage of similarities in the uncompressed input when syncronizing two files compressed with this flag. <tt>gunzip</tt> cannot tell the difference between a compressed file created with this option, and one created without it."


</div></div></div>