FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

I am looking for an LTO tape library. Do you have one to spare?
Port details
sshguard Protect hosts from brute force attacks against ssh and other services
1.5_10 security on this many watch lists=12 search for ports that depend on this port Find issues related to this port Report an issue related to this port
Maintainer: feld@FreeBSD.org search for ports maintained by this maintainer
Port Added: 01 Mar 2007 01:37:03
License: BSD2CLAUSE
Sshguard monitors services from their logging activity. It reacts to messages
about dangerous activity by blocking the source address with the local firewall.

Sshguard employs a clever parser that can recognize several logging formats at
once transparently (syslog, syslog-ng, metalog, multilog, raw messages), and
detects attacks for many services out of the box, including SSH, FreeBSD's
ftpd and dovecot.  It can operate all the major firewalling systems, including
PF, netfilter/iptables, IPFIREWALL/ipfw, IPFILTER.

Sshguard has several relevant features like support for IPv6, whitelisting,
suspension, log message authentication. It is reliable, easy to set up and
demands very few resources to the system.

WWW: http://sshguard.sourceforge.net
SVNWeb : Homepage : Distfiles Availability : PortsMon
Slave ports
  1. security/sshguard-ipfilter
  2. security/sshguard-ipfw
  3. security/sshguard-pf
There are no ports dependent upon this port

To install the port: cd /usr/ports/security/sshguard/ && make install clean
To add the package: pkg install security/sshguard


Configuration Options
     No options to configure

USES:
tar:bzip2

Master Sites:
  1. http://aarnet.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  2. http://distcache.FreeBSD.org/ports-distfiles/
  3. http://downloads.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  4. http://freefr.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  5. http://garr.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  6. http://heanet.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  7. http://hivelocity.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  8. http://ignum.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  9. http://internode.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  10. http://iweb.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  11. http://jaist.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  12. http://kaz.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  13. http://kent.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  14. http://master.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  15. http://nchc.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  16. http://ncu.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  17. http://netcologne.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  18. http://sunet.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  19. http://superb-dca3.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  20. http://switch.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  21. http://tenet.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  22. http://ufpr.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/
  23. http://waix.dl.sourceforge.net/project/sshguard/sshguard/sshguard-1.5/

Number of commits found: 27

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
23 Jan 2015 20:15:34
Original commit files touched by this commit  1.5_10
Revision:377762
feld search for other commits by this committer
Patch parser to fix matching for Cyrus IMAP login attempts which are not
plaintext.

PR:		196943
Submitted by:	jakob.alvermark@bsdlabs.com
08 Jan 2015 13:42:53
Original commit files touched by this commit  1.5_9
Revision:376531
feld search for other commits by this committer
Add ability to pass additional custom arguments to sshguard daemon via
sshguard_flags in rc.conf

Declare LICENSE while here

Submitted by:	wjw@digiware.nl
10 Dec 2014 14:04:24
Original commit files touched by this commit  1.5_8
Revision:374458
feld search for other commits by this committer
Update "BSD" license in security category
03 Nov 2014 21:56:18
Original commit files touched by this commit  1.5_7
Revision:372126
feld search for other commits by this committer
Make it possible to run sshguard without blacklist database by setting
in rc.conf:

 sshguard_blacklist=""

This may fix reliability for some users.

PR:		174018
03 Nov 2014 21:11:34
Original commit files touched by this commit  1.5_6
Revision:372123
feld search for other commits by this committer
Do not hide stdout from users by sending it to syslog. Users need to be
able to readily view errors if they happen at startup.

PR:		193378
02 Oct 2014 12:28:03
Original commit files touched by this commit  1.5_6
Revision:369818
feld search for other commits by this committer
The default pardon and prescribe settings in the rc script were swapped
and did not match the documentation. Users should tune to their needs
instead of relying on the defaults, but if they are this will be an
improvement.

Submitted by:	John Vinopal
22 May 2014 13:17:34
Original commit files touched by this commit  1.5_5
Revision:354836
feld search for other commits by this committer
Adopting security/sshguard

rc script passes rclint

Removed clever built-in sysadmin countermeasure:

Previously sshguard would automatically add a line to your
/etc/syslog.conf file. You could activate sshguard by uncommenting this
line. However, every time you reinstall/update sshguard this line will
also be automatically removed rendering the program inactive and your
system unprotected.

Sponsored by:	SupraNet Communications, Inc
25 Apr 2014 13:08:34
Refresh Original commit files touched by this commit
Revision:352123
crees search for other commits by this committer
Fix rc script, which I made a bit of a mess of.  Really sorry :(

Submitted by:	se

While here, add error checking in pkg-install before replacing
syslog.conf with an unknown file!
08 Apr 2014 19:03:02
Original commit files touched by this commit  1.5_3
Revision:350643
crees search for other commits by this committer
Fix old sshguard bug; does not detect ssh invalid users logins

PR:		ports/174571
Submitted by:	Francois Charlier <fcharlier@ploup.net>

Reset maintainer after 16 month timeout

While here, stage, remove some insanity and fixup rc script
20 Sep 2013 22:55:26
Original commit files touched by this commit  1.5_2
Revision:327769
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
01 Feb 2013 15:04:01
Original commit files touched by this commit  1.5_2
Revision:311381
ak search for other commits by this committer
- Fix all cases of 'No newline at end of file' in ports tree

Approved by: portmgr (bapt)
27 Jun 2012 00:22:55
Original commit files touched by this commit  1.5_2
delphij search for other commits by this committer
Add a rc.d script to daemonize sshguard.

Submitted by:   delphij
PR:             ports/166471
Approved by:    maintainer timeout (~3 months)
24 Jul 2011 18:16:30
Original commit files touched by this commit  1.5_1
arved search for other commits by this committer
Fix sshguared-ipfw -b option

PR:             157807
Submitted by:   Dmitry <smallcms@gmail.com>
Approved by:    maintainer timeout
12 Jun 2011 02:35:49
Original commit files touched by this commit  1.5
miwi search for other commits by this committer
- Update to 1.5

PR:             155607
Submitted by:   Matthias Fechner <idefix@fechner.net>
10 Jan 2010 00:36:33
Original commit files touched by this commit  1.4
danger search for other commits by this committer
- update to 1.4

PR:             ports/142469
Approved by:    gabor, Maintainer
22 Aug 2009 00:35:32
Original commit files touched by this commit  1.3
  Sanity Test Failure
amdmi3 search for other commits by this committer
- Switch SourceForge ports to the new File Release System: categories starting
with P,R,S
03 Oct 2008 14:28:11
Original commit files touched by this commit  1.3
amdmi3 search for other commits by this committer
- Update to 1.3, which also fixes build problem with autoconf

PR:             127599
Submitted by:   Jeremy Johnston <jeremy at smart-serv dot net>
Suggested by:   Mij <mij at bitchx dot it> (maintainer)
23 Sep 2008 18:58:35
Original commit files touched by this commit  1.2
amdmi3 search for other commits by this committer
- Update to 1.2. Changes:
  - support for Cyrus IMAP
  - support for SSH "possible break-in attempt" messages
  - updated support for dovecot to include logging format of new versions
  - fix of IPF backend causing sshguard not to update /etc/ipf.rules (disallow
IPv6)
  - fix detection of password when sshd doesn't log anything more than PAM
- While here, use SF macro

PR:             127456
Submitted by:   Mij <mij at bitchx dot it> (maintainer)
28 Jul 2008 07:35:02
Original commit files touched by this commit  1.1_1
lwhsu search for other commits by this committer
- Install man page to ${MANPREFIX}/man .  Thanks to pav@ for notification
- Update description reflecting additions of version 1.1

PR:             ports/126001
Submitted by:   Mij <mij AT bitchx.it> (maintainer)
26 Jul 2008 13:49:02
Original commit files touched by this commit  1.1
lwhsu search for other commits by this committer
- Update to 1.1

PR:             ports/125973
Submitted by:   Mij <mij AT bitchx.it> (maintainer)
04 Jan 2008 20:35:08
Original commit files touched by this commit  1.0_1
arved search for other commits by this committer
Prevent the port from running automake if it is installed

PR:             118065
Submitted by:   Mij <mij@bitchx.it>
17 Jun 2007 21:55:21
Original commit files touched by this commit  1.0_1
itetcu search for other commits by this committer
- add patch for:
The regex used to recognize IPv6 addresses in security/sshguard{,-ipfw,-pf}
doesn't catch all IPv6 addresses. The author (and port maintainer) is aware of
this issue and supplied the patch, which fixes the issue. The patch will be
part of sshguard-1.1, which is due soonish.
- bump PORTREVISION

PR:             113800
Submitted by:   Henrik Brix Andersen
Approved by:    Mij (maintainer)
12 Jun 2007 22:13:32
Original commit files touched by this commit  1.0
itetcu search for other commits by this committer
Shorten COMMENT

Submitted by:   sat@
12 Jun 2007 22:09:47
Original commit files touched by this commit  1.0
itetcu search for other commits by this committer
Allow slave ports to overwrite the COMMENT.

Submitted by:   sat@
12 Jun 2007 20:05:42
Original commit files touched by this commit  1.0
itetcu search for other commits by this committer
- upgrade to version 1.0
- the port is no longer interactive, it uses the default blocking backend
(hosts)
- for pf and ipfw see the new ports sshguard-[pf|ipfw]

PR:             ports/112749
Submitted by:   Mij (maintainer)
Reviewed by:    leeym@
01 Mar 2007 10:06:14
Original commit files touched by this commit  0.91_1
clsung search for other commits by this committer
- respect maintainer's insist on interactive part,
  even IS_INTERACTIVE is discouraged
- PORTREVISION is thus bumped.

Approved by:    maintainer (implicit)
01 Mar 2007 01:36:56
Original commit files touched by this commit  0.91
clsung search for other commits by this committer
Add sshguard 0.91, protect networked hosts from brute force attacks
against ssh.

PR:             ports/109439
Submitted by:   Mij <mij at bitchx.it>

Number of commits found: 27

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
asterisk11Jan 29
asterisk13Jan 29
asterisk13Jan 29
linux_base-c6Jan 28
linux_base-f10Jan 28
bugzilla44Jan 26
py-django*Jan 24
py-django-devel*Jan 24
libresslJan 22
linux-c6-openssl*Jan 22
mingw32-openssl*Jan 22
openssl*Jan 22
chromiumJan 21
polarsslJan 19
polarssl13Jan 19

11 vulnerabilities affecting 19 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 24501
Broken 91
Deprecated 31
Ignore 338
Forbidden 1
Restricted 207
No CDROM 93
Vulnerable 19
Expired 0
Set to expire 26
Interactive 0
new 24 hours 3
new 48 hours7
new 7 days21
new fortnight51
new month121

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2014 Dan Langille. All rights reserved.