Пакет sshutout: Specfile

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
Name: sshutout
Version: 1.0.5
Release: alt3

Summary: Stop SSH dictionary attacks
License: GPL
Group: Security/Networking

Url: http://www.techfinesse.com/sshutout/sshutout.html
Source0: %name-%version.tar.gz
Source1: %name.init
Source2: %name.conf
Patch0: sshutout-1.0.5-alt-open.patch
Patch1: sshutout-1.0.5-alt-logstrings.patch
Packager: Michael Shigorin <mike@altlinux.org>

%description
%name periodically monitors log files looking for multiple failed login
attempts via the sshd (optionally, sshd2). It is meant to mitigate what
is commonly known as "dictionary attacks," i.e. scripted brute force
attacks that use lists of user IDs and passwords to effect unauthorized
intrusions. Typically such attacks fill up the system logs with hundreds
or even thousands of log entries for the failed login attempts. Aside
from the nuisance of wasted space, wasted bandwidth, and reduced signal
to noise ratio in the logs, the attacks can pose a real danger to
systems with weak ID and password combinations.

This package blunts such attacks by creating firewall rules to block
individual offenders from accessing the system. These rules are created
when an attack signature is detected, and after a configurable expiry
interval has elapsed, the rules are deleted.

While sshutout can help reduce the severity and impact of dictionary
attacks, it is by no means a substitute for a good password policy.
A password policy is the front line of defense against intrusion and
should be given careful consideration. %name is merely one small tool
intended to help reduce log clutter and diminish the incentive to mount
dictionary attacks.

%prep
%setup
%patch0 -p1
%patch1 -p1

%build
%make_build

%install
install -pDm755 %name %buildroot%_sbindir/%name
install -pDm755 %SOURCE1 %buildroot%_initdir/%name
install -pDm644 %SOURCE2 %buildroot%_sysconfdir/%name.conf

%post
%post_service %name

%preun
%preun_service %name

%files
%_sbindir/%name
%_initdir/%name
%_sysconfdir/%name.conf
%doc License README TODO sshutout.html 

%changelog
* Wed Oct 14 2009 Michael Shigorin <mike@altlinux.org> 1.0.5-alt3
- applied patch by A.Kitouwaykin <cetus newmail ru> to add
  "UNKNOWN USER" pattern recognition (closes: #21869)
- minor spec cleanup

* Wed Nov 05 2008 Michael Shigorin <mike@altlinux.org> 1.0.5-alt2
- fix FTBFS against recent glibc

* Thu Jul 03 2008 Michael Shigorin <mike@altlinux.org> 1.0.5-alt1
- built for ALT Linux
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.5.0
Наверх