Jun 30

SSHGuard 2.4.3 release announcement

SSHGuard 2.4.3 has been released! Added Add signature for BIND Add signature for Gitea Add signature for Microsoft SQL Server for Linux Add signature for OpenVPN Portshare Add signature for user-defined HTTP attacks Update signatures for Dovecot Update signatures for Postfix Fixed Fix memset off-by-one Resolve DNS names in capability mode using casper
Mar 15

SSHGuard 2.4.2 release announcement

SSHGuard 2.4.2 has been released! Added Recognize rejections from Postfix’s postscreen daemon The parser can now be changed using the PARSER and POST_PARSER options Changed Remove some false positive attack signatures for SSH and Cyrus Adjust log verbosity of some log messages The firewalld backend now uses firewall-cmd instead of iptables to flush block lists
Jul 31

SSHGuard 2.4.1 release announcement

SSHGuard 2.4.1 has been released! More details are available in the release announcement.
Jun 10

SSHGuard 2.4.0 release announcement

SSHGuard 2.4.0 has been released! More details are available in the release announcement.
Jan 1

SSHGuard 2.3.1 release announcement

SSHGuard 2.3.1 has been released! More details are available in the release announcement.
Dec 15

SSHGuard 2.3.0 release announcement

SSHGuard 2.3.0 has been released! More details are available in the release announcement.
Jul 9

SSHGuard 2.2.0 release announcement

SSHGuard 2.2.0 has been released! More details are available in the release announcement.
Nov 9

SSHGuard 2.1.0 release announcement

SSHGuard 2.1.0 has been released! More details are available in the release announcement.
Apr 24

The story of how SSH got to be on port 22

Passing along an interesting read by Tatu Ylonen, the inventor of the original SSH program and the SSH 1 protocol, on how it’s not a coincidence that SSH got assigned to port number 22 and how scared he was of the [in]formal process of allocating a port number. If you’re scared of leaving your SSH server unprotected today – almost 22 years later, you can get to sleep a little easier by installing SSHGuard.
Mar 6

SSHGuard 2.0.0 release announcement

SSHGuard 2.0.0 has been released, and here are the highlights: Added Add firewalld backend Add ipset backend Annotate logs using -a flag to sshg-parser Match “no matching cipher” for SSH Preliminary support for Capsicum and pledge() Resurrect ipfilter backend Support reading from os_log on macOS 10.12 and systemd journal Changed Add warning when reading from standard input Build and install all backends by default Improve log messages and tweak logging priorities Runtime flags now configurable in the configuration file SSHGuard requires a configuration file to start Removed
Mar 6

SSHGuard installed by default in Ubuntu MATE 16.04.2 for Raspberry Pi

The Ubuntu MATE blog have announced that SSHGuard will be enabled by default when users enable SSH in Ubuntu MATE for Raspberry Pi. Ubuntu MATE 16.04.2 has disabled SSH by default, but once SSH is enabled by users — it will also enable SSHGuard at the same time. This will help protect the resource-limited Raspberry Pi devices against scripted attacks on their SSH service. Users may also soon see SSHGuard pop up in other Raspberry Pi focused Linux distributions based on Ubuntu Pi Flavours for Raspberry Pi as per their blog.