|Source Repository:||Gentoo Portage Tree|
Summary: protects hosts from brute force attacks against ssh
- Enable ipfilter firewall support (only for *bsd)
How We're Keeping You At the Center of the Funtoo UniverseRead about recent developments that keep you, our users, at the forefront of our focus as Funtoo moves forward.
New OpenGL management in FuntooFuntoo is switching to an improved system for managing multiple OpenGL providers (Mesa/Xorg, AMD and NVIDIA). The update may involve blockers and file collisions.
Subarch Profiles are coming...Subarch profiles are on their way! Learn more here.
sshguard is an intrusion prevention system. sshguard parses server logs, determines malicious activity, and then bans malicious users via firewall rules. sshguard is written in C so it does not tax an interprator.
To install sshguard:
# emerge app-admin/sshguard
sshguard does not have a configuration file. sshguard is controlled by flags passed to it upon execution.
/etc/conf.d/sshguard is where flags & log path can be passed to the sshguard service.
sshguard will fail to start unless it has proper authorization logs to monitor.
Generate blank iptables rules, and start iptables as outlined here.
Insert these rules to allow sshguard to ban malicious users.
# iptables -N sshguard
&& to block all trafic from offenders
# iptables -A INPUT -j sshguard
To start sshguard immediately:
# rc-service sshguard start
To start sshguard upon reboot:
# rc-update add sshguard default