Release Notes: This is a milestone release, coming after 18 months of development and testing and a long list of beta and RC releases. Two major features are introduced: the LogSucker, to monitor many log sources at once, and attack dangerousness, to punish attacks with fine-tuned severity. Along with these comes a long list of further minor features, signatures, and fixes. All users are strongly recommended to update to this version, and report missing signatures to http://sshguard.net/newsignature/ .
Release Notes: This release candidate fixes the last known bugs submitted by users for 1.5rc3. Fixes cover mainly Solaris portability, plus whitelisting and a rare assertion violation and file descriptor leak. This is the last RC planned before 1.5 stable.
Release Notes: This release contains improvements to blacklisting, the Log Sucker, and logging. Some fixes were made to the process authentication system, recognition of multilog messages, and documentation.
Release Notes: This release fixes compilation issues on Solaris, fixes the "hosts" backend's logic for temporary files, and fixes the blacklist module to avoid inconsistencies in saved blacklists.
Release Notes: With respect to 1.5beta3, this release completes support for IPv6 by adding support for CIDR-based IPv6 whitelisting and whitelisting of both IPv4 and IPv6 addresses when adding hosts. IPv4-mapped IPv6 addresses are passed to backend firewalls as IPv4. This is the last release that adds features for 1.5. The next releases will only fix bugs until 1.5 stable.
Release Notes: Sshguard now recognizes "last message repeated N times" messages, contextually and per-source. Attackers are now gauged with dangerousness instead of attack counts by adjusting the '-a' option. Support for Sendmail relaying abuse and for vsftpd authentication failure messages has been added. The recognition of messages of Gentoo's PAM implementation for authentication failure has been added.
Release Notes: The Log Sucker has been extended to handle volatile files. Support was included for new attack patterns from Exim and cucipop. The recognition of certain IPv6 addresses has been corrected.
Release Notes: This release is capable of monitoring many log files at once without relying on logging systems such as syslog. It introduces a number of other fixes and improvements.
Release Notes: This release includes many new features (touchiness, automatic permanent blacklisting, IPv6 whitelisting, and more), many bugfixes to the logic, and some fixes and additions to the log analyzer.
Release Notes: Planned as the last Release Candidate before 1.4 stable, this series contains several new features and bugfixes. Notably, sshguard is now "touchy", reacts increasingly badly with insisting abusers, and can build a permanent blacklist of frequent attackers to be loaded at each start-up. Bugfixes cover IPv6 compatibility on the Mac and a potential BoF exploitable by local users when SSHGuard is setuid-root.