Mercurial > hg > maltfilter

diff example.conf @ 4:b2c7c76b3529 maltfilter-0.7

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Added scanning feature for SSH root login attempts with failed passwords.
author Matti Hamalainen <ccr@tnsp.org>
date Thu, 13 Aug 2009 18:02:53 +0300
parents fec14263801d
children ee5f7b8dcdea
line wrap: on
line diff
--- a/example.conf	Thu Aug 13 17:44:25 2009 +0300
+++ b/example.conf	Thu Aug 13 18:02:53 2009 +0300
@@ -38,6 +38,11 @@
 CHK_PROXY_SCAN      = 1
 CHK_GOOD_HOSTS      = "example.org|google.com|74.125.45.100"
 
+# Notice! ONLY enable this setting, if you have disabled password root
+# logins from sshd_config (e.g. you have "PermitRootLogin without-password")
+# or that alternatively you have defined "safe" hosts in NOBLOCK_HOSTS below.
+CHK_ROOT_SSH_PWD    = 0
+
 # Maltfilter logfile path and name (set empty "" if you don't want logging)
 LOGFILE = "/var/log/maltfilter"