$ cat pkg/DESCR uses logfile monitoring and protects networked hosts from ssh brute force attacks. It detects such attacks and blocks the author's address with a firewall rule.
------------------ Port here. http://gayatri-hitech.com/Misc/sshguard.tgz I have a problem here. It works only when you give group RW permission to /dev/pf. I instrumented sshguard to use pf(4) ioctl but I think the systrace policy is not allowing it to open /dev/pf. That needs to be fixed. Otherwise it works very well. -Girish
