README (1060B)
1 gods 2 --- 3 A simpler solution to the problem of blocking malicious ssh users. 4 5 Why gods? 6 --- 7 It is just an anagram for sdog. 8 9 What is it? 10 --- 11 It is intended to be used as a daemon to block unsolicited ssh users 12 from trying to bruteforce their way through. 13 14 sdog reads authlog (/var/log/authlog) and blocks ips based on simple 15 pattern matching. It depends on two config files which are mutually 16 exclusive to each other. 17 18 /etc/gods/blacklist 19 As the name suggests this file shall contain the ip addresses 20 one wishes to block eternally. 21 22 /etc/gods/whitelist 23 As the name suggests this file shall contain the ip addresses 24 one wishes to allow access eternally. 25 26 Apart from the directives that sdog learns from these files, it shall 27 ban/unban users based on a simple mathematical model: 28 blockage duration = 3 ^ n 29 where n is the number of times the respective user 30 has tried to authenticate and failed. 31 n is an element of the set [-1,8] 32 33 After 8 tries, the said user is blacklisted eternally. 34 35 The initial idea is to support pf and npf. 36 37 Cheers 38 zer