msimerson / sentry
Bruteforce attack blocker (ssh, FTP, SMTP, and more)
I haven't attempted to look in the database, but due to issue #1 and entries not being removed from hosts.deny, I can verify that a manual or automatic blacklist will add another entry into hosts.deny.
I suspect it would be wise to verify if an IP is already listed in the file, or, with a working cleanup, make sure all copies of the IP are removed.
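One way to implement the check suggested in the report above, as an added example that is not sentry's own code: blocking is idempotent and unblocking removes every copy of an address. The `ALL: <ip> : deny` line format and the names `deny_ip`, `read_lines`, `rewrite`, `block_ip` and `unblock_ip` are assumptions made for illustration.

```perl
# Added example, not sentry's own code. Assumes one "ALL: <ip> : deny" line
# per blocked address; adjust deny_ip() to the format your hosts.deny uses.
use strict;
use warnings;
use File::Basename qw(dirname);
use File::Temp qw(tempfile);

# Address blocked by a line, or undef for comments and unrelated rules.
sub deny_ip {
    my ($line) = @_;
    return $line =~ /^\s*ALL\s*:\s*(\S+)\s*:\s*deny\s*$/i ? $1 : undef;
}
sub read_lines {
    my ($file) = @_;
    return () unless -e $file;
    open my $in, '<', $file or die "open $file: $!";
    return <$in>;
}
# Replace $file atomically: write a temp file beside it, then rename.
# Fails loudly if the enclosing directory is not writable.
sub rewrite {
    my ($file, @lines) = @_;
    my ($fh, $tmp) = tempfile('hosts.deny.XXXXXX', DIR => dirname($file));
    print {$fh} @lines or die "write $tmp: $!";
    close $fh or die "close $tmp: $!";
    chmod 0644, $tmp or die "chmod $tmp: $!";
    rename $tmp, $file or die "rename $tmp: $!";
}
# Add a deny line only if none exists. Returns 1 if a line was written.
sub block_ip {
    my ($file, $ip) = @_;
    my @lines = read_lines($file);
    return 0 if grep { (deny_ip($_) // '') eq $ip } @lines;
    $lines[-1] .= "\n" if @lines && $lines[-1] !~ /\n\z/;
    rewrite($file, @lines, "ALL: $ip : deny\n");
    return 1;
}
# Remove every copy of the deny line. Returns how many were removed.
sub unblock_ip {
    my ($file, $ip) = @_;
    my @lines = read_lines($file);
    my @keep = grep { (deny_ip($_) // '') ne $ip } @lines;
    rewrite($file, @keep) if @keep != @lines;
    return @lines - @keep;
}
# Demo on a constructed file holding three copies of one address.
my $dir = File::Temp->newdir;
my $f   = "$dir/hosts.deny";
rewrite($f, "# constructed sample\n", ("ALL: 192.168.11.35 : deny\n") x 3);
printf "added=%d removed=%d\n", block_ip($f, '192.168.11.35'), unblock_ip($f, '192.168.11.35');
```

Addresses are compared as plain strings, so differently written forms of the same address are treated as distinct. If several processes can update the file at once, the read-modify-write in `block_ip` and `unblock_ip` also needs a lock.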
Two things dealing with auto updates done on the web. First, it doesn't look like there is any authentication of the code that you get on update. No digital signature checking of the code or server makes it possible to hijack the request and replace the code with a malicious version. Second, it doesn't look like there's an option to turn off auto updates.
Thanks for the code!
FreeBSD 9.1 amd64 & Perl v5.14.2
As root, adding a manual blacklist (automatic blacklisting also works great):
/var/db/sentry # ./sentry.pl --verbose -b --ip=192.168.11.35
installed version is 0.25
ip 192.168.11.35 is valid
setup checks succeeded
using /var/db/sentry/sentry.dbm as database
0 connections from 192.168.11.35 (key: 3232238371)
blacklisting 192.168.11.35
As root, trying to delist any blacklist:
/var/db/sentry # ./sentry.pl --verbose -delist --ip=192.168.11.35
installed version is 0.25
ip 192.168.11.35 is valid
setup checks succeeded
using /var/db/sentry/sentry.dbm as database
0 connections from 192.168.11.35 (key: 3232238371)
and it is blacklisted
unblacklisting 192.168.11.35
file /var/db/sentry/hosts.deny or enclosing dir is not writable!
unwhitelisting 192.168.11.35
permissions:
-rw-r--r-- 1 root wheel 996 Jun 12 13:10 hosts.deny
drwxr-xr-x 2 root wheel 512 Jun 12 13:10 sentry
Obviously blacklisting works, but the entry is never removed from hosts.deny.
Really just a question, not an issue.
1.0.5 (on CentOS 8)
Should whitelist the IP address
[root@localhost ~]# /var/db/sentry/sentry.pl --ip=N.N.N.N --whitelist
Net::IP not installed. No IPv6 support.
Can't locate object method "new" via package "Net::IP" at /var/db/sentry/sentry.pl line 931.
Installed as per instructions. Ran the above command with a valid IP address.
Previously, the shebang line was hard coded:
#!/usr/bin/perl
And then I updated it because /usr/bin/perl doesn't always work (perl5, /opt/local, /usr/local, etc...). So I switched it to:
#!/usr/bin/env perl
Which should work more often. But not necessarily so. See this and this.
When sentry is installed, find the path to perl (using ENV, following symlinks, etc..) and update the shebang line with the fully qualified path to perl.
1.05 (CentOS 8)
I'd like to remove it since it doesn't seem to work.
I am now locked out of my server and can't remove the lock
Just ran the installation instructions as per the README
our $VERSION = '1.04';
sentry --uninstall
Should completely and cleanly remove the module and disconnect it from the system.
Nothing happens
It would be great to have support for IPv6.