Download Shareware and Freeware Software for Windows, Linux, Macintosh, PDA

line Home  |  About Us  |  Link To Us  |  FAQ  |  Contact

Serving Software Downloads in 976 Categories, Downloaded 32.284.510 Times

sshutout 1.0.3

  Date Added: April 01, 2010  |  Visits: 798


Report Broken Link
Printer Friendly Version

Product Homepage
Download (77 downloads)

sshutout is a daemon that periodically monitors log files, looking for multiple failed login attempts via the Secure Shell daemon. sshutout is meant to mitigate what are commonly known as "dictionary attacks," i.e. scripted brute force attacks that use lists of user IDs and passwords to effect unauthorized intrusions. The sshutout daemon blunts such attacks by creating firewall rules to block individual offenders from accessing the system. These rules are created when an attack signature is detected, and after a configurable expiry interval has elapsed, the rules are deleted. The sshutout algorithm follows a pretty standard model for *nix daemons. The program starts, assumes a fairly safe set of built-in default values, then consults an optional configuration file to further refine these values, and finally consults the command line for arguments specifying overrides. The program checks to see that it has the required superuser authority and then forks. Its newly forked daemon process detaches from the console; the original process terminates. Next, an initial whitelist is constructed from the addresses of all active network interfaces. In addition, the name servers and default route are added to this whitelist. Finally, host addresses specified in the configuration file or command line are appended to the list. Appropriate signal handling is now set up. In this case, SIGHUP, the hang-up signal, is provided with a handler to refresh the daemons operating parameters from the configuration file. The other handled signals, i.e. SIGTERM and SIGPWR (and possibly SIGINT and SIGQUIT if not running as a daemon), are set up to cause a graceful termination of the daemon process. After signal handling has been initialized, the daemon enters its main processing loop. The loop spends most of its time in a sleep state, but when it does execute, which is approximately once per second, it examines all entries in its blocked hosts list to see if any are ready to expire. Those that are expiring are removed from the list and are also unblocked at the firewall through removal of the corresponding rule. The daemons next action is to determine whether its polling interval has elapsed. If it has not yet elapsed, then the daemon goes back to sleep. If the interval has elapsed, then the daemon examines the hosts configuration to see if any changes are required to the whitelist, for example, if any new interfaces have come up, or if the addresses associated with any interfaces have changed, etc. Next, the daemon will examine the specified log file to look for failed login attempts. It tallies a count of all failed login attempts for each unique host address over the span of the given polling interval. Those tallies that exceed the specified threshold are moved to the list of blocked hosts (unless, of course, they are in the whitelist.) Each item added to the blocked list is also blocked at the firewall through the addition of an suitable rule. This processing continues indefinitely until the daemon is signaled to stop. Installation: $ su - # tar -xzvf sshutout-1.0.0.tar.gz # cd sshutout-1.0.0 # make # make install Whats New in This Release: - This release adds the -u command line option to enable blocking of "Illegal user" login attempts. - This option is also configurable via the configuration file..

Requirements: No special requirements
Platforms: Linux
Keyword: Attempts Configuration Configuration File Daemon Failed Failed Login Failed Login Attempts Log Log Files Login Looking For Secure Shell Security Sshutout Via The
Users rating: 0/10

License: Freeware Size: 30.72 KB
Utilities  - Search 0.2
Windows can not open your file? With free Search utility you can easily find the information about any file extension that you are looking for including programs associated with it. The application offers you a quick...
2.17 MB  
Blog  -  LifeType 1.2.8
LifeType is an open-source blogging platform with support for multiple blogs and users in a single installation. LifeType supports multiple blogs and users, media management, generation of standard content, clean URLs and support for...
Utilities  -  Additional Tasks Extension for Network File Monitor
The basic configuration of File/FTP Replication Monitor manages up to 50 tasks. Additional tasks extension gives it an ability to work with extra tasks if it is required. Network File Monitor Professional gives users an unlimited options in...
Libraries  -  JComet 0.1
JComet is an open source project aiming to provide a set of reloadable and dynamic configuration objects, such as properties and XML elements, as well as to provide a framework for event-change listener that are called when data is changed....
10.24 KB  
Libraries  -  Simple Config 1.1.1
Simple Config library supports configuration files consisting of simple name-value pairs, similar to the old Windows INI files. A config file can be loaded into memory, queried by item name, modified, and written back out to a file. Configuration...
23.55 KB  
Programming  -  dopen 0.2.1
DOPEN is a module to open a file by looking at it extension/shebang and select the right program. It's library will update on frequent base on launchpad. The next version will introduce a smart-update system, to save configuration of users and...
10.24 KB  
Networking Tools  -  AGT 1.11
AGT is a powerful console frontend to iptables, supporting nearly all of the iptables extensions (such as quota, random, MIRROR, multiport, owner, string, MAC address, and more). All options can be specified in a configuration file with similar...
13.31 KB  
Networking Tools  -  Frankenwall 0.5.10
Frankenwall is a bash shell script intended to create a highly secure IPTables based Linux firewall/router with QOS/traffic shaping/bandwidth management. Be certain you know exactly what your network needs before using it. The primary focus of...
18.43 KB  
FTP Clients  -  AFD 1.3.5
AFD comes from Automatic File Distributor and provides a framework for very flexible, non-stop, log and debug-able delivery of an arbitrary amount of files to multiple recipients as expressed in URLs (currently mailing and ftp supported with the...
1.1 MB  
Utilities  -  Openwall Linux kernel patch 2.4.35-ow2
Openwall Linux kernel patch is a collection of security-related features for the Linux kernel, all configurable via the new Security options configuration section. In addition to the new features, some versions of the patch contain various...
34.82 KB  
Linux Software  -  wpCache® WordPress HTTP Cache 1.9
wpCache® is a high-performance, distributed object, caching system application, generic in nature, but intended for use in speeding up dynamic web applications, by decreasing database load time. wpCache® decreases dramatically the page...
3.51 MB  
Linux Software  -  Polling Autodialer Software 3.4
ICTBroadcast Auto Dialer software has a survey campaign for telephone surveys and polls. This auto dialer software automatically dials a list of numbers and asks them a set of questions that they can respond to, by using their telephone keypad....
488 B  
Linux Software  -  Total Video Converter Mac Free 3.5.5
Total Video Converter Mac Free developed by EffectMatrix Ltd is the official legal version of Total Video Converter which was a globally recognized brand since 2006. Total Video Converter Mac Free is a free but powerful all-in-one video...
17.7 MB  
Linux Software  -  Skeith mod_log_sql Analyzer 2.10beta2
Skeith is a php based front end for analyzing logs for Apache using mod_log_sql.
47.5 KB  
Linux Software  -  SLAX 6.0+
Slax is a modern, portable, small and fast Linux operating system with a modular approach and outstanding design. Despite its small size, Slax provides a wide collection of pre-installed software for daily use, including a well organized graphical...
190 KB  
Security Tools  -  Free AntiSpyware 7.2.5
As powerful and professional anti-spyware software, Free AntiSpyware has ability to detect & stop the latest and most malicious programs that are doing harm to your computer and breaking your privacy. This free spyware remover software helps...
128.08 MB  
Security Tools  -  paraproxy 1.1
paraproxy is a supplement library for paramiko which adds support for SSH2 proxy commands. #md5=0c7041e8d2d7e49b09df526bba3efb28 #md5=1fbb4f888f40a01439ff27458c6210eb #md5=493c0f426e376427c30f3f39ebc8dac1
20.48 KB  
Security Tools  -  pam_smxs 1.6
pam_smxs is a PAM module that authenticates a user using challenge-response. All tokens that support ANSI X9.9 are currently supported and it provides full support for CryptoCard RB1 tokens.
522.24 KB  
Security Tools  -  DoudouLinux 2011-11
DoudouLinux [1] is a system specially designed for children to make computer use as easy and pleasant as possible for them (and for their parents too! [2]). DoudouLinux provides tens of applications that suit children from 2 to 12 years and tries...
964.17 MB  
Security Tools  -  django-auth-ldap 1.0.19
This authentication backend enables a Django project to authenticate against any LDAP server. To use it, add django_auth_ldap.backend.LDAPBackend to AUTHENTICATION_BACKENDS. It is not necessary to add django_auth_ldap to INSTALLED_APPLICATIONS...
30.72 KB