csf.pignore - use more than one criteria
Posted: 14 Feb 2010, 17:24
Hi,
Would it be possible to change csf.pignore so that I can tell it to ignore the executable /bin/bash when it's from user stijn?
When i'm logged on with ssh I get these emails regularly, and the only possibility to stop them as far as I know is to add user:stijn or exe:/bin/bash to the list.
If i exclude /bin/bash I won't see notices for other people, and when I add my user, i won't receive any mails when my user account is compromised and someone is using it to run scanning tools.
Or maybe I'm just thinking a bit too paranoid
grtz,
Stijn
Would it be possible to change csf.pignore so that I can tell it to ignore the executable /bin/bash when it's from user stijn?
When i'm logged on with ssh I get these emails regularly, and the only possibility to stop them as far as I know is to add user:stijn or exe:/bin/bash to the list.
If i exclude /bin/bash I won't see notices for other people, and when I add my user, i won't receive any mails when my user account is compromised and someone is using it to run scanning tools.
Or maybe I'm just thinking a bit too paranoid
grtz,
Stijn