# How to read sshguard blacklist.db



## jjdltorre (Mar 31, 2011)

I started using sshguard and added this line:

```
-b 5:/var/db/sshguard/blacklist.db
```

as per http://www.sshguard.net/docs/man/sshguard/ 

There is data in the /var/dbsshguard/blacklist.db but I can't read it. 

The man page states "the strings(1) command can be used to peek in it for listing the blacklisted addresses" but I can't figure out how to do this. 

I read the man pages for strings by doing 
	
	



```
%man -S 1 strings
```
 but still wasn't able to figured out how to view it.  

How do you use strings to view the blocklist.db?

Thank you in advance.


----------



## jjdltorre (Mar 31, 2011)

Here is what I get so far:

```
%strings -n 1 blacklist.db
I
cF
nM
F
nM
```

Here is what I see on my messages: 

```
Mar 31 03:30:29 MyServer sshguard[31180]: Blacklist file '/var/db/sshguard/blacklist.db' doesn't exist, I'll create it for you.
Mar 31 03:31:38 MyServer sshguard[31180]: Blocking 60.12.50.132:4 for >420secs: 4 failures over 69 seconds.
Mar 31 03:46:49 MyServer sshguard[31180]: Blocking 60.12.50.132:4 for >1680secs: 4 failures over 209 seconds.
```

I assumed that that would add 60.12.50.132 IP address to the blacklist.db.


----------

