1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
|
Subject: By default block only ssh bruteforce attacks.
Origin: Alex Mestiashvili <alex@biotec.tu-dresden.de>
--- libpam-abl.orig/conf/pam_abl.conf
+++ libpam-abl/conf/pam_abl.conf
@@ -4,11 +4,11 @@
host_rule=*:30/1h
user_db=/var/lib/abl/users.db
user_purge=1d
-user_rule=*:3/1h
+user_rule=*/sshd:5/1h
host_clear_cmd=[logger] [clear] [host] [%h]
host_block_cmd=[logger] [block] [host] [%h]
user_clear_cmd=[logger] [clear] [user] [%u]
user_block_cmd=[logger] [block] [user] [%u]
limits=1000-1200
-host_whitelist=1.1.1.1/24;2.1.1.1
-user_whitelist=danta;chris
+host_whitelist=localhost
+user_whitelist=
|
