LinuxQuestions.org
Go Job Hunting at the LQ Job Marketplace
Go Back   LinuxQuestions.org > Forums > Non-*NIX Forums > Programming
User Name
Password
Programming This forum is for all programming questions.
The question does not have to be directly related to Linux and any language is fair game.

Notices



Reply
 
Search this Thread
Old 11-15-2008, 06:19 PM   #1
travisray2004
LQ Newbie
 
Registered: Jul 2007
Posts: 4

Rep: Reputation: 0
Exclamation create a rpm for sshdfilter


Hello All,

I am wanting to create a rpm for sshdfilter. I know it can be done, its just a matter of programing the install files. I am currently workings on the .spec file and stuck. The compressed file is found here.
sshdfilter.spec
Quote:
Summary: ssh brute force attack blocker
Name: sshdfilter
Version: 0.1.0alpha1
Release: 1.5.5
License: GPL
Group: Security
URL: http://www.csc.liv.ac.uk/~greg/sshdfilter/

Source: http://www.csc.liv.ac.uk/~greg/sshdfilter-%(version).tar.gz
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root

Requires: iptables
Requires: sshd
Requires: logwatch

%description
sshdfilter blocks the frequent brute force attacks on ssh daemons, it does this by directly reading the sshd logging output (or sysl
og output) and generating iptables (or ipfw) rules, the process can be quick enough to block an attack before they get a chance to e
nter any password at all. The blocking policy is defined by a list of blockrules largely by user name or by the type of user name. T
here are two install routes, the old style sshdfilter starts sshd itself, having started sshd with the -e and -D options. The newer
style uses a syslog configuration line that writes sshd messages to a dedicated named pipe, normally /var/log/sshd.fifo. Regardless,
this means sshdfilter can see events as they happen and act on them as they happen. sshdfilter then looks for lines of the form:

Did not receive identification string from x.x.x.x
Illegal user x from x.x.x.x
Failed password for illegal user x from x.x.x.x port x ssh2
Failed password for x from x.x.x.x port x ssh2

When sshd produces any of these messages, the response of sshdfilter is defined by the configuration file /etc/sshdfilterrc. The def
ault configuration file defines the first message as in instant block event that will install an iptables rule dropping that IP. The
other lines are given 3 chances (ie. this chance and two more) before an iptables dropping rule is generated and their IP is blocke
d.
%prep

%setup -q
%build
%install
%clean
%doc AUTHORS ChangeLog INSTALL NEWS TODO README COPYING

%changelog
* Sat Nov 15 2008 - travisray2004 at gmail dot com 0.1.0alpha1
- Initial release.
Currently need to work on the build/install/clean parts. Anyhelp is much appreciated.
 
Old 11-16-2008, 03:19 PM   #2
BlueC
Member
 
Registered: Aug 2007
Posts: 122

Rep: Reputation: 17
You could get a good idea from here:

http://www.filewatcher.com/p/sshdfil...lter.spec.html

P.S. There are ready-built RPMs for Mandriva at least and possibly other distros.
 
Old 11-16-2008, 04:42 PM   #3
travisray2004
LQ Newbie
 
Registered: Jul 2007
Posts: 4

Original Poster
Rep: Reputation: 0
Quote:
Originally Posted by BlueC View Post
You could get a good idea from here:

http://www.filewatcher.com/p/sshdfil...lter.spec.html

P.S. There are ready-built RPMs for Mandriva at least and possibly other distros.
Thanks. I wasn't sure if I could change it to Fedora based system. I will check it out. Thanks.
 
  


Reply

Tags
building, rpm


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Create RPM Packages siva19185 Linux - Newbie 1 07-02-2008 11:59 AM
how to create a RPM jp-lack Linux - General 1 05-04-2007 07:57 AM
Create Rpm sjacobs Linux - Software 0 11-03-2005 08:19 AM
how to create .rpm package shalin Programming 1 07-13-2004 11:12 AM
how to create RPM Package shalin Programming 0 03-10-2004 12:04 AM


All times are GMT -5. The time now is 07:35 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration