From 4964d6635d159f364950304000c512faf14b2f3d Mon Sep 17 00:00:00 2001 From: Sam Therapy Date: Fri, 23 Aug 2024 20:23:11 +0200 Subject: [PATCH] Initial commit Signed-off-by: Sam Therapy --- .gitignore | 3 +++ .gitmodules | 6 ++++++ README.md | 12 +++++++++++ fail2ban-endlessh | 1 + helpers/endlessh.conf | 27 ++++++++++++++++++++++++ helpers/endlessh.sh | 7 +++++++ helpers/fail2ban-endlessh.sh | 3 +++ krathalan-endlessh | 1 + nfpms/endlessh-krathalan.yaml | 39 +++++++++++++++++++++++++++++++++++ nfpms/fail2ban-endlessh.yaml | 31 ++++++++++++++++++++++++++++ 10 files changed, 130 insertions(+) create mode 100644 .gitignore create mode 100644 .gitmodules create mode 100644 README.md create mode 160000 fail2ban-endlessh create mode 100644 helpers/endlessh.conf create mode 100644 helpers/endlessh.sh create mode 100644 helpers/fail2ban-endlessh.sh create mode 160000 krathalan-endlessh create mode 100644 nfpms/endlessh-krathalan.yaml create mode 100644 nfpms/fail2ban-endlessh.yaml diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..ce0cc0a --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +*.deb +*.rpm +*.apk \ No newline at end of file diff --git a/.gitmodules b/.gitmodules new file mode 100644 index 0000000..a619443 --- /dev/null +++ b/.gitmodules @@ -0,0 +1,6 @@ +[submodule "fail2ban-endlessh"] + path = fail2ban-endlessh + url = https://github.com/SamTherapy/fail2ban-endlessh +[submodule "krathalan-endlessh"] + path = krathalan-endlessh + url = https://github.com/krathalan/endlessh diff --git a/README.md b/README.md new file mode 100644 index 0000000..18f1394 --- /dev/null +++ b/README.md @@ -0,0 +1,12 @@ +# TODO + +## Adding + +```sh +# Add PGP key +sudo curl https://git.froth.zone/api/packages/packaging/debian/repository.key -o /usr/share/keyrings/git-froth-zone-packaging.asc +# Add repo +echo "deb [signed-by=/usr/share/keyrings/git-froth-zone-packaging.asc] https://git.froth.zone/api/packages/packaging/debian sid main" | sudo tee /etc/apt/sources.list.d/git-froth-zone-packaging.list +# Update and install +sudo apt update +``` \ No newline at end of file diff --git a/fail2ban-endlessh b/fail2ban-endlessh new file mode 160000 index 0000000..faae1d6 --- /dev/null +++ b/fail2ban-endlessh @@ -0,0 +1 @@ +Subproject commit faae1d6d7a0d2f476700a5138fb81f5babb3fd66 diff --git a/helpers/endlessh.conf b/helpers/endlessh.conf new file mode 100644 index 0000000..08bd6c8 --- /dev/null +++ b/helpers/endlessh.conf @@ -0,0 +1,27 @@ +# The port on which to listen for new SSH connections. +Port 2222 + +# The endless banner is sent one line at a time. This is the delay +# in milliseconds between individual lines. +Delay 10000 + +# The length of each line is randomized. This controls the maximum +# length of each line. Shorter lines may keep clients on for longer if +# they give up after a certain number of bytes. +MaxLineLength 32 + +# Maximum number of connections to accept at a time. Connections beyond +# this are not immediately rejected, but will wait in the queue. +MaxClients 4096 + +# Set the detail level for the log. +# 0 = Quiet +# 1 = Standard, useful log messages +# 2 = Very noisy debugging information +LogLevel 1 + +# Set the family of the listening socket +# 0 = Use IPv4 Mapped IPv6 (Both v4 and v6, default) +# 4 = Use IPv4 only +# 6 = Use IPv6 only +BindFamily 0 \ No newline at end of file diff --git a/helpers/endlessh.sh b/helpers/endlessh.sh new file mode 100644 index 0000000..30d0678 --- /dev/null +++ b/helpers/endlessh.sh @@ -0,0 +1,7 @@ +#!/bin/sh + +systemctl daemon-reload +systemctl unmask endlessh +systemctl preset endlessh +systemctl enable endlessh +systemctl restart endlessh \ No newline at end of file diff --git a/helpers/fail2ban-endlessh.sh b/helpers/fail2ban-endlessh.sh new file mode 100644 index 0000000..23c6524 --- /dev/null +++ b/helpers/fail2ban-endlessh.sh @@ -0,0 +1,3 @@ +#!/bin/sh + +systemctl restart fail2ban \ No newline at end of file diff --git a/krathalan-endlessh b/krathalan-endlessh new file mode 160000 index 0000000..4858c60 --- /dev/null +++ b/krathalan-endlessh @@ -0,0 +1 @@ +Subproject commit 4858c6031f959c0805f5dd9868a907993d17b997 diff --git a/nfpms/endlessh-krathalan.yaml b/nfpms/endlessh-krathalan.yaml new file mode 100644 index 0000000..ce26c27 --- /dev/null +++ b/nfpms/endlessh-krathalan.yaml @@ -0,0 +1,39 @@ +# nfpm example configuration file +# +# check https://nfpm.goreleaser.com/configuration for detailed usage +# +name: "endlessh-krathalan" +arch: "amd64" +platform: "linux" +version: "20240823" +version_schema: none +section: "default" +priority: "extra" +provides: + - endlessh +recommends: + - fail2ban + - fail2ban-endlessh +conflicts: + - endlessh +maintainer: "Sam Therapy " +description: | + SSH tarpit that slowly sends an endless banner | Krathalan fork +homepage: "https://github.com/krathalan/endlessh" +license: "Unlicense" +contents: + - src: ./krathalan-endlessh/endlessh + dst: /usr/bin/endlessh + - src: ./krathalan-endlessh/endlessh.1 + dst: /usr/share/man/man1/endlessh.1 + - src: ./krathalan-endlessh/util/endlessh.service + dst: /lib/systemd/system/endlessh.service + - src: ./helpers/endlessh.conf + dst: /etc/endlessh.conf + type: config + - src: /etc/endlessh.conf + dst: /etc/endlessh/config + type: symlink +scripts: + postinstall: ./helpers/endlessh.sh +# yaml-language-server: $schema=https://nfpm.goreleaser.com/static/schema.json diff --git a/nfpms/fail2ban-endlessh.yaml b/nfpms/fail2ban-endlessh.yaml new file mode 100644 index 0000000..f076769 --- /dev/null +++ b/nfpms/fail2ban-endlessh.yaml @@ -0,0 +1,31 @@ +# nfpm example configuration file +# +# check https://nfpm.goreleaser.com/configuration for detailed usage +# + +name: "fail2ban-endlessh" +arch: "all" +platform: "linux" +version: "20240823" +version_schema: none +section: "default" +priority: "extra" +depends: + - fail2ban + - endlessh +maintainer: "Sam Therapy " +description: | + Combining the powers of endlessh and fail2ban. +homepage: "https://github.com/SamTherapy/fail2ban-endlessh" +license: "Unlicense" +contents: + - src: ./fail2ban-endlessh/action.d/endlessh.conf + dst: /etc/fail2ban/action.d/endlessh.conf + type: config + - src: ./fail2ban-endlessh/jail.d/endlessh.conf + dst: /etc/fail2ban/jail.d/endlessh.conf + type: config +scripts: + postinstall: ./helpers/fail2ban-endlessh.sh + postremove: ./helpers/fail2ban-endlessh.sh +# yaml-language-server: $schema=https://nfpm.goreleaser.com/static/schema.json