On Jan 20, 10:22pm, br...@nmsu.edu (Brook Milligan) wrote:
-- Subject: Re: blacklistd is now available for current (comments?)

| Interesting coincidence; I was just exploring sshguard as a means to
| accomplish similar goals this weekend.
|
| On Jan 20, 2015, at 7:54 PM, Christos Zoulas wrote:
| > This package contains a library that can be used by network daemons to
| > communicate with a packet filter via a daemon to enforce opening and
| > closing ports dynamically based on policy.
|
| Having the daemons directly record the outcome of their authentication
| seems preferable to groveling through log entries as, for example,
| sshguard does. However, that requires modification of the relevant
| daemons and is in that sense more intrusive.

Yes, I hate the grovelling through logs and I could not find something
that did this directly, so I wrote it.

| Is your idea to modify (or encourage modification of) a broad array of
| daemons that might benefit from this? I'm thinking, for example, of
| daemons responsible for IMAP mail delivery and other such things that
| require credentials. Is this something that can be added to PAM and
| thereby avoid being so intrusive on the daemons themselves?

As you can see from the patch, the daemon modification is trivial. Yes,
I am planning to add this to more daemons (I think I will do named next
because it is really spammy on my machines), and yes, if there is a way to
do this via PAM that would be even better.

christos