Installing sshdfilter on ubuntu 10.4 LTS

Hi all,

I am attempting to install sshdfilter on my ubuntu 10.4 LTS machine. This package is supposed to block ssh-bruteforce attacks. It does that by adding blocking rules to iptables when multiple bad ssh logins are detected, and blocks the ip that initiated them.

This package usually relies on /var/log/sshd.fifo, but in ubuntu the file is called /var/log/auth.log, so I created a symlink

sudo ln -s /var/log/auth.log /var/log/sshd.fifo

After doing that I continued the installation by the excellent instructions here.
Unfortunately, I have no idea how to test if it is really working! :-(
Any ideas hot to test it?

Thanks a log,
-R

2

Contributors

3

Replies

1 Day

Discussion Span

1 Year Ago

Last Updated

4

Views

Question
Answered

FelineHazard

Light Poster

46 posts since Feb 2012

Reputation Points: 10

Solved Threads: 2

Skill Endorsements: 0

1 Year Ago

0

Hello,

I tried that sshdfilter and found denyhosts to be a much easier application to install and configure. And it works.

rch1231

Veteran Poster

1,040 posts since Sep 2009

Reputation Points: 142

Solved Threads: 154

Skill Endorsements: 12

1 Year Ago

0

Thanks, I'll try it and report back. I'm starting to think that sshdfilter is just too much trouble for debian-based distros.

FelineHazard

Light Poster

46 posts since Feb 2012

Reputation Points: 10

Solved Threads: 2

Skill Endorsements: 0

1 Year Ago

0

Ok thanks. I actually found fail2ban a bit more ubuntu-friendly.
-R

FelineHazard

Light Poster

46 posts since Feb 2012

Reputation Points: 10

Solved Threads: 2

Skill Endorsements: 0

Question Answered as of 1 Year Ago by rch1231

Installing sshdfilter on ubuntu 10.4 LTS

This question has already been solved: Start a new discussion instead