[Logcheck-commits] CVS logcheck/rulefiles/linux/violations.ignore.d
CVS User jlps-guest
logcheck-devel at lists.alioth.debian.org
Sat Oct 15 17:31:06 UTC 2005
Update of /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d
In directory haydn:/tmp/cvs-serv22710
Modified Files:
logcheck-ssh
Log Message:
Suppress warnings from ssh about failed reverse DNS
--- /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-ssh 2005/06/23 08:16:52 1.2
+++ /cvsroot/logcheck/logcheck/rulefiles/linux/violations.ignore.d/logcheck-ssh 2005/10/15 17:31:05 1.3
@@ -1,2 +1,4 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: warning: /etc/hosts.deny, line [0-9]+: can't verify hostname: getaddrinfo\([._[:alnum:]-]+, AF_INET\) failed$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: warning: /etc/hosts.deny, line [0-9]+: host name/name mismatch: [._[:alnum:]-]+ != [._[:alnum:]-]+$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: reverse mapping checking getaddrinfo for [._[:alnum:]-]+ failed - POSSIBLE BREAKIN ATTEMPT!$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ sshd\[[0-9]+\]: Address [._[:alnum:]-]+ maps to [._[:alnum:]-]+, but this does not map back to the address - POSSIBLE BREAKIN ATTEMPT!$
More information about the Logcheck-commits
mailing list