FreshPorts -- The Place For Ports If you buy from Amazon USA, please support us by using this link.
Follow us
Blog
Twitter

Port details
sshguard Protect hosts from brute force attacks against ssh and other services
2.0.0_1 security on this many watch lists=16 search for ports that depend on this port Find issues related to this port Report an issue related to this port
Maintainer: dan.mcgregor@usask.ca search for ports maintained by this maintainer
Port Added: 01 Mar 2007 01:37:03
License: BSD2CLAUSE
Sshguard monitors services from their logging activity. It reacts to messages
about dangerous activity by blocking the source address with the local firewall.

Sshguard employs a clever parser that can recognize several logging formats at
once transparently (syslog, syslog-ng, metalog, multilog, raw messages), and
detects attacks for many services out of the box, including SSH, FreeBSD's
ftpd and dovecot.  It can operate all the major firewalling systems, including
PF, netfilter/iptables, and IPFIREWALL/ipfw.

Sshguard has several relevant features like support for IPv6, whitelisting,
suspension, log message authentication. It is reliable, easy to set up and
demands very few resources to the system.

WWW: http://sshguard.sourceforge.net
SVNWeb : Homepage : PortsMon : pkg-plist

To install the port: cd /usr/ports/security/sshguard/ && make install clean
To add the package: pkg install sshguard

PKGNAME: sshguard

distinfo:

TIMESTAMP = 1500391750
SHA256 (sshguard-2.0.0.tar.gz) = e87c6c4a6dddf06f440ea76464eb6197869c0293f0a60ffa51f8a6a0d7b0cb06
SIZE (sshguard-2.0.0.tar.gz) = 886995


NOTE: FreshPorts displays only information on required and default dependencies. Optional dependencies are not covered.

Build dependencies:
  1. autoconf-2.69 : devel/autoconf
  2. autoheader-2.69 : devel/autoconf
  3. autoreconf-2.69 : devel/autoconf
  4. aclocal-1.15 : devel/automake
  5. automake-1.15 : devel/automake
There are no ports dependent upon this port

Configuration Options
     No options to configure

USES:
autoreconf

Master Sites:
  1. http://cytranet.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  2. http://downloads.sourceforge.net/project/sshguard/sshguard/2.0.0/
  3. http://dronedata.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  4. http://excellmedia.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  5. http://freefr.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  6. http://jaist.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  7. http://kent.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  8. http://liquidtelecom.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  9. http://nchc.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  10. http://netassist.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  11. http://netcologne.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  12. http://netix.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  13. http://superb-dca2.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  14. http://superb-sea2.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  15. http://tenet.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  16. http://ufpr.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  17. http://vorboss.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  18. https://cytranet.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  19. https://downloads.sourceforge.net/project/sshguard/sshguard/2.0.0/
  20. https://dronedata.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  21. https://excellmedia.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  22. https://freefr.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  23. https://jaist.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  24. https://kent.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  25. https://liquidtelecom.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  26. https://nchc.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  27. https://netassist.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  28. https://netcologne.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  29. https://netix.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  30. https://superb-dca2.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  31. https://superb-sea2.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  32. https://tenet.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  33. https://ufpr.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
  34. https://vorboss.dl.sourceforge.net/project/sshguard/sshguard/2.0.0/
Port Moves

Number of commits found: 46

Commit History - (may be incomplete: see SVNWeb link above for full details)
DateByDescription
24 Jul 2017 10:56:16
Original commit files touched by this commit  2.0.0_1
Revision:446517
woodsb02 search for other commits by this committer
security/sshguard: Fix rc script, add UPDATING entry

sshguard usually looks at sshguard.conf for a list of files to monitor,
but lets you override it via the command line using -l arguments.

This change fixes an issue with the previous rc script which was
*always* setting the '-l' arguments even if sshguard_watch_logs wasn't
set in rc.conf.

This change also sets the defaults in the config file to match the
former defaults in the rc script, and adds an UPDATING entry to warn
of the change from default configuration via rc.conf the config file.

PR:		220906
Submitted by:	Dan McGregor (maintainer)
Reported by:	chris@cretaforce.gr
20 Jul 2017 15:34:09
Original commit files touched by this commit  2.0.0
Revision:446263
feld search for other commits by this committer
security/sshguard: Update to 2.0.0

PR:		219409
20 Jul 2017 13:53:57
Original commit files touched by this commit  1.7.1
Revision:446261
feld search for other commits by this committer
security/sshguard: reset MAINTAINER
09 Jan 2017 21:50:36
Original commit files touched by this commit  1.7.1
Revision:431035
feld search for other commits by this committer
security/sshguard: Update to 1.7.1
29 Aug 2016 19:55:47
Original commit files touched by this commit  1.7.0_1
Revision:421094
feld search for other commits by this committer
security/sshguard: Unbreak build by making a metaport

security/sshguard no longer provides hosts/TCP Wrappers support by
default as this was removed upstream. It is now a metaport which will
allow you to select a backend. Further details can be found in the
UPDATING entry.
26 Aug 2016 21:07:15
Original commit files touched by this commit  1.7.0
Revision:420950
feld search for other commits by this committer
security/sshguard: Update to 1.7.0

Changelog:

Added
    Add sshg-logtail
    Add sshg-parser
    Control firewall using sshg-fw
    Match "no matching key exchange method" for SSH

Deprecated
    Hosts backend is deprecated
    Logsuck (-l option) is deprecated, use sshg-logtail instead
    Process validation (-f option) is deprecated
(Only the first 15 lines of the commit message are shown above View all of this commit message)
19 May 2016 11:09:14
Original commit files touched by this commit  1.6.4_1
Revision:415503
amdmi3 search for other commits by this committer
- Fix trailing whitespace in pkg-messages

Approved by:	portmgr blanket
02 May 2016 16:49:08
Original commit files touched by this commit  1.6.4_1
Revision:414462
feld search for other commits by this committer
security/sshguard: Update man page, fix sshguard_reset_interval default

Upstream responded to my submitted man page patch and indicated that
sshguard_reset_interval (-s) has been changed to 1800 (30 mins) as well.
02 May 2016 16:26:04
Original commit files touched by this commit  1.6.4
Revision:414461
feld search for other commits by this committer
security/sshguard: Update to 1.6.4

- Add PID file support back to rc script
- Rename some rc script parameters to better align with sshguard(8)

  sshguard_safety_thresh -> sshguard_danger_thresh
  sshguard_pardon_min_interval -> sshguard_release_interval
  sshguard_prescribe_interval -> sshguard_reset_interval

Release notes:

This release brings updated signatures, usability improvements, and bug
fixes. Highlights in this release include:

    - Match Postfix pre-authentication disconnects
(Only the first 15 lines of the commit message are shown above View all of this commit message)
19 Mar 2016 13:04:29
Original commit files touched by this commit  1.6.3_1
Revision:411393
feld search for other commits by this committer
security/sshguard: Add patch to prevent log flooding with error messages

PR:		208133
08 Mar 2016 16:20:03
Original commit files touched by this commit  1.6.3
Revision:410632
feld search for other commits by this committer
security/sshguard: Update to 1.6.3

Changelog:	https://sourceforge.net/p/sshguard/mailman/message/34733464/

PR:		207511
Submitted by:	<dcarmich@dcarmichael.net>
15 Dec 2015 21:18:52
Original commit files touched by this commit  1.6.2
Revision:403812
feld search for other commits by this committer
security/sshguard-pf Fix documentation URL in pkg-message

Submitted by:	Johan <johan jails se>
13 Oct 2015 01:14:26
Original commit files touched by this commit  1.6.2
Revision:399172
feld search for other commits by this committer
security/sshgaurd: Update to 1.6.2

* Remove recommendation of using syslog pipes
* IPFW support has been rewritten and entries now are added to table 22

PR:		203452
01 Aug 2015 23:24:56
Original commit files touched by this commit  1.6.1
Revision:393405
feld search for other commits by this committer
security/sshguard: update to 1.6.1
26 Jul 2015 15:04:34
Original commit files touched by this commit  1.6.0_1
Revision:392923
feld search for other commits by this committer
security/sshguard-null

portable do-nothing backend for applying detection but not prevention

PR:		201323
17 May 2015 13:47:41
Original commit files touched by this commit  1.6.0_1
Revision:386613
feld search for other commits by this committer
Add patch to support syslog in verbose mode

This was previously a patch in the FreeBSD ports tree and was sent
upstream but did not make it into 1.6.0

Submitted by:	gregp@n0qds.org
05 May 2015 01:59:51
Original commit files touched by this commit  1.6.0
Revision:385439
feld search for other commits by this committer
Update to 1.6.0
24 Mar 2015 02:23:30
Original commit files touched by this commit  1.5_12
Revision:382064
feld search for other commits by this committer
Restore lost changes to patch-src-parser-attack_scanner.l

PR:		197854
24 Mar 2015 02:11:26
Original commit files touched by this commit  1.5_11
Revision:382063
feld search for other commits by this committer
Enable matching of syslog entries with <facility.level>

PR:		197854
23 Jan 2015 20:15:34
Original commit files touched by this commit  1.5_10
Revision:377762
feld search for other commits by this committer
Patch parser to fix matching for Cyrus IMAP login attempts which are not
plaintext.

PR:		196943
Submitted by:	jakob.alvermark@bsdlabs.com
08 Jan 2015 13:42:53
Original commit files touched by this commit  1.5_9
Revision:376531
feld search for other commits by this committer
Add ability to pass additional custom arguments to sshguard daemon via
sshguard_flags in rc.conf

Declare LICENSE while here

Submitted by:	wjw@digiware.nl
10 Dec 2014 14:04:24
Original commit files touched by this commit  1.5_8
Revision:374458
feld search for other commits by this committer
Update "BSD" license in security category
03 Nov 2014 21:56:18
Original commit files touched by this commit  1.5_7
Revision:372126
feld search for other commits by this committer
Make it possible to run sshguard without blacklist database by setting
in rc.conf:

 sshguard_blacklist=""

This may fix reliability for some users.

PR:		174018
03 Nov 2014 21:11:34
Original commit files touched by this commit  1.5_6
Revision:372123
feld search for other commits by this committer
Do not hide stdout from users by sending it to syslog. Users need to be
able to readily view errors if they happen at startup.

PR:		193378
02 Oct 2014 12:28:03
Original commit files touched by this commit  1.5_6
Revision:369818
feld search for other commits by this committer
The default pardon and prescribe settings in the rc script were swapped
and did not match the documentation. Users should tune to their needs
instead of relying on the defaults, but if they are this will be an
improvement.

Submitted by:	John Vinopal
22 May 2014 13:17:34
Original commit files touched by this commit  1.5_5
Revision:354836
feld search for other commits by this committer
Adopting security/sshguard

rc script passes rclint

Removed clever built-in sysadmin countermeasure:

Previously sshguard would automatically add a line to your
/etc/syslog.conf file. You could activate sshguard by uncommenting this
line. However, every time you reinstall/update sshguard this line will
also be automatically removed rendering the program inactive and your
system unprotected.

Sponsored by:	SupraNet Communications, Inc
25 Apr 2014 13:08:34
Refresh Original commit files touched by this commit
Revision:352123
crees search for other commits by this committer
Fix rc script, which I made a bit of a mess of.  Really sorry :(

Submitted by:	se

While here, add error checking in pkg-install before replacing
syslog.conf with an unknown file!
08 Apr 2014 19:03:02
Original commit files touched by this commit  1.5_3
Revision:350643
crees search for other commits by this committer
Fix old sshguard bug; does not detect ssh invalid users logins

PR:		ports/174571
Submitted by:	Francois Charlier <fcharlier@ploup.net>

Reset maintainer after 16 month timeout

While here, stage, remove some insanity and fixup rc script
20 Sep 2013 22:55:26
Original commit files touched by this commit  1.5_2
Revision:327769
bapt search for other commits by this committer
Add NO_STAGE all over the place in preparation for the staging support (cat:
security)
01 Feb 2013 15:04:01
Original commit files touched by this commit  1.5_2
Revision:311381
ak search for other commits by this committer
- Fix all cases of 'No newline at end of file' in ports tree

Approved by: portmgr (bapt)
27 Jun 2012 00:22:55
Original commit files touched by this commit  1.5_2
delphij search for other commits by this committer
Add a rc.d script to daemonize sshguard.

Submitted by:   delphij
PR:             ports/166471
Approved by:    maintainer timeout (~3 months)
24 Jul 2011 18:16:30
Original commit files touched by this commit  1.5_1
arved search for other commits by this committer
Fix sshguared-ipfw -b option

PR:             157807
Submitted by:   Dmitry <smallcms@gmail.com>
Approved by:    maintainer timeout
12 Jun 2011 02:35:49
Original commit files touched by this commit  1.5
miwi search for other commits by this committer
- Update to 1.5

PR:             155607
Submitted by:   Matthias Fechner <idefix@fechner.net>
10 Jan 2010 00:36:33
Original commit files touched by this commit  1.4
danger search for other commits by this committer
- update to 1.4

PR:             ports/142469
Approved by:    gabor, Maintainer
22 Aug 2009 00:35:32
Original commit files touched by this commit  1.3
  Sanity Test Failure
amdmi3 search for other commits by this committer
- Switch SourceForge ports to the new File Release System: categories starting
with P,R,S
03 Oct 2008 14:28:11
Original commit files touched by this commit  1.3
amdmi3 search for other commits by this committer
- Update to 1.3, which also fixes build problem with autoconf

PR:             127599
Submitted by:   Jeremy Johnston <jeremy at smart-serv dot net>
Suggested by:   Mij <mij at bitchx dot it> (maintainer)
23 Sep 2008 18:58:35
Original commit files touched by this commit  1.2
amdmi3 search for other commits by this committer
- Update to 1.2. Changes:
  - support for Cyrus IMAP
  - support for SSH "possible break-in attempt" messages
  - updated support for dovecot to include logging format of new versions
  - fix of IPF backend causing sshguard not to update /etc/ipf.rules (disallow
IPv6)
  - fix detection of password when sshd doesn't log anything more than PAM
- While here, use SF macro

PR:             127456
Submitted by:   Mij <mij at bitchx dot it> (maintainer)
28 Jul 2008 07:35:02
Original commit files touched by this commit  1.1_1
lwhsu search for other commits by this committer
- Install man page to ${MANPREFIX}/man .  Thanks to pav@ for notification
- Update description reflecting additions of version 1.1

PR:             ports/126001
Submitted by:   Mij <mij AT bitchx.it> (maintainer)
26 Jul 2008 13:49:02
Original commit files touched by this commit  1.1
lwhsu search for other commits by this committer
- Update to 1.1

PR:             ports/125973
Submitted by:   Mij <mij AT bitchx.it> (maintainer)
04 Jan 2008 20:35:08
Original commit files touched by this commit  1.0_1
arved search for other commits by this committer
Prevent the port from running automake if it is installed

PR:             118065
Submitted by:   Mij <mij@bitchx.it>
17 Jun 2007 21:55:21
Original commit files touched by this commit  1.0_1
itetcu search for other commits by this committer
- add patch for:
The regex used to recognize IPv6 addresses in security/sshguard{,-ipfw,-pf}
doesn't catch all IPv6 addresses. The author (and port maintainer) is aware of
this issue and supplied the patch, which fixes the issue. The patch will be
part of sshguard-1.1, which is due soonish.
- bump PORTREVISION

PR:             113800
Submitted by:   Henrik Brix Andersen
Approved by:    Mij (maintainer)
12 Jun 2007 22:13:32
Original commit files touched by this commit  1.0
itetcu search for other commits by this committer
Shorten COMMENT

Submitted by:   sat@
12 Jun 2007 22:09:47
Original commit files touched by this commit  1.0
itetcu search for other commits by this committer
Allow slave ports to overwrite the COMMENT.

Submitted by:   sat@
12 Jun 2007 20:05:42
Original commit files touched by this commit  1.0
itetcu search for other commits by this committer
- upgrade to version 1.0
- the port is no longer interactive, it uses the default blocking backend
(hosts)
- for pf and ipfw see the new ports sshguard-[pf|ipfw]

PR:             ports/112749
Submitted by:   Mij (maintainer)
Reviewed by:    leeym@
01 Mar 2007 10:06:14
Original commit files touched by this commit  0.91_1
clsung search for other commits by this committer
- respect maintainer's insist on interactive part,
  even IS_INTERACTIVE is discouraged
- PORTREVISION is thus bumped.

Approved by:    maintainer (implicit)
01 Mar 2007 01:36:56
Original commit files touched by this commit  0.91
clsung search for other commits by this committer
Add sshguard 0.91, protect networked hosts from brute force attacks
against ssh.

PR:             ports/109439
Submitted by:   Mij <mij at bitchx.it>

Number of commits found: 46

Login
User Login
Create account

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD

This site
What is FreshPorts?
About the authors
Issues
FAQ
How big is it?
The latest upgrade!
Privacy
Forums
Blog
Contact

Search
Enter Keywords:
 
more...

Latest Vulnerabilities
weechatSep 25
perl5.24Sep 24
chromiumSep 22
apache22Sep 19
apache24Sep 19
asterisk11Sep 19
asterisk13Sep 19
firefox*Sep 19
firefox*Sep 19
firefox-esr*Sep 19
firefox-esr*Sep 19
libxul*Sep 19
libxul*Sep 19
linux-firefox*Sep 19
linux-firefox*Sep 19

12 vulnerabilities affecting 82 ports have been reported in the past 14 days

* - modified, not new

All vulnerabilities


Ports
Home
Categories
Deleted ports
Sanity Test Failures
Newsfeeds

Statistics
Graphs
NEW Graphs (Javascript)
Traffic

Calculated hourly:
Port count 31467
Broken 118
Deprecated 74
Ignore 385
Forbidden 0
Restricted 174
No CDROM 78
Vulnerable 47
Expired 18
Set to expire 70
Interactive 0
new 24 hours 2
new 48 hours5
new 7 days18
new fortnight2832
new month3340

Servers and bandwidth provided by
New York Internet, SuperNews, and RootBSD
Valid HTML, CSS, and RSS.
Copyright © 2000-2017 Dan Langille. All rights reserved.