CD Inserts & Envelopes Web Interface
Nisha Ganatra's Films
Cake: starring Heather Graham
ITRANS Song Book Hindi, Urdu, Marathi song lyrics
ILKEYB $$ Indian Languages Package for Windows
Travel Travel reports, it is all about food
Montreal: Schwartz's, Le Petit Alep
Albums: Pictures and some notes
BlockHosts block hosts
BlockHosts FAQ
BlockHosts Forum
Blog Mostly consumer and technology topics
Email: avinash@aczoom.com
Copyright © 1995-2011 Avinash Chopde, avinash@aczoom.com
I admit it regex has never been my strong side. What I would like to match is the following
Nov 20 21:55:30 zummer sshd[21198]: error: PAM: User not known to the underlying authentication module for root from 59.6.185.37
Nov 20 21:56:30 zummer sshd[21207]: error: PAM: User not known to the underlying authentication module for root from 61.155.105.62
I'v had a lot of these lately and even though the attempt dont constitute any risk (no root login on this box) I think the attacker has demonstrated his intention. So I tried to build a new pattern like this:
"sshd-NotKnown":
r'{LOG_PREFIX{sshd}} User not known to the underlying authentication module for .* from {HOST_IP}',
but to no avail. Blockhost does not detect the attach.
What am I doing wrong?
Recent comments
1 week 5 days ago
2 weeks 6 days ago
2 weeks 6 days ago
3 weeks 3 days ago
7 weeks 5 days ago
9 weeks 5 days ago
12 weeks 6 days ago
17 weeks 18 hours ago
17 weeks 5 days ago
20 weeks 12 hours ago