gods

a simple blocklist for ssh

commit 8f400ac7290a4cc89b5a42e78077ac7d4c490808
parent ee76559d1317c84a2b604e4aab7b2764d08e34c3
Author: Naveen Narayanan <zerous@nocebo.space>
Date:   Wed, 29 Sep 2021 23:28:46 +0200

Update README

Diffstat:
M README | 31 ++++++++++++++++++++++++++++++-
1 file changed, 30 insertions(+), 1 deletion(-)

diff --git a/README b/README @@ -1,8 +1,37 @@ gods --- - A simple watch dog for ssh. Why gods? --- It is just an anagram for sdog. + +What is it? +--- +It is intended to be used as a daemon to block unsolicited ssh users +from trying to bruteforce their way through. + +sdog depends on two config files which are mutually exclusive to each other. + +/etc/gods/blacklist + As the name suggests this file shall contain the ip addresses + one wishes to block eternally. + +/etc/gods/whitelist + As the name suggests this file shall contain the ip addresses + one wishes to allow access for eternally. + +Apart from the directives that sdog learns from these files, it shall +ban/unban users based on a simple mathematical model: + blockage duration = 3 ^ n + where n is the number of times the respective user + has tried to authenticate and failed. + n is an element of the set [-1,8] + +After 8 tries, the said user is blacklisted and n shall be reset (to +-1) if the user successfully authenticates. + +The initial idea is to support pf and npf. + +Cheers +zer
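
Review bot: The ban formula in the added "What is it?" section gives no time unit for "blockage duration = 3 ^ n", and it defines n as the number of failed authentication attempts while also allowing n = -1, where 3 ^ -1 is 1/3. State the unit and say what -1 stands for (for example, a reset state in which no ban applies). The sentence "After 8 tries, the said user is blacklisted and n shall be reset (to -1) if the user successfully authenticates" reads as a single condition; split it so that blacklisting at 8 and the reset on success are two separate rules. The "mutually exclusive" sentence should say which file wins when an address appears in both /etc/gods/blacklist and /etc/gods/whitelist. The added text also calls the program "sdog" while the title and the config paths use "gods"; use one name or explain the difference.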