Search Results for "ips"

Fail2Ban scans log files and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).

Scan systemd journal file for failed sshd login attempts in a given period. Add iptables rules to ban offenders.

Please see http://firehol.org/ for up-to-date releases and information. FireHOL is a stateful iptables packet filtering firewall configurator. It is abstracted, extensible, easy and powerful. It can handle any kind of firewall, but most importantly, it gives you the means to configure it, the same way you think of it.

Administration tool for Linux-based ISP traffic shaper

This is a simple Webinterface to ban or unban IPs with Fail2Ban. Written in PHP. Uses fail2ban-client operations on the local socket. Questions? Contact me: steffen[at]simails.de Update for Debian 13 Trixie and others running systemd: To get the socket-permission fix working, do this: 1. systemctl edit fail2ban [Service] ExecStartPost=/bin/sh -c 'while [ ! -S /var/run/fail2ban/fail2ban.sock ]; do sleep 0.2; done; chmod 0766 /var/run/fail2ban/fail2ban.sock' -> strg+o, strg+x 2. systemctl daemon-reload 3. systemctl restart fail2ban 4. ls -l /var/run/fail2ban/fail2ban.sock

SendCommand is a Perl script that uses the Expect library to automate telnet and ssh sessions on remote hosts (Cisco, Netscreen, Bluecoat and more). Executes commands and outputs results to stdout or into files. It aims to be a very flexible tool.

Subnet manager web interface supporting IPv4 and IPv6 to document your subnets and individual IPs, allocate desired blocks automatically, auto-collapsing of unused subnets, group related subnets together and send SWIPs to ARIN easily. Optional PowerDNS integration to update revdns an A records of IPs.

This product is no longer maintained: The author created alternative tools: https://databunker.org/ and https://privacybunker.io/ GreenSQL is a database firewall engine used to protect Open Source Databases from SQL injection attacks. It works in proxy mode. Application logic is based on evaluating of SQL commands using risk score factors, as well as blocking of sensitive commands

JWAIM is a security framework for Java Web Applications. It provides modules and interfaces to add monitoring, firewall and IPS capabilities in the application server.

Concurrent SSH client, with fixed-length queue of active threads, file upload and download and more.

Secwatch is an intrusion detection system using log analysis to detect service scan and other brute-force attempts on a server or other computer using system logs and will create temporary firewall rules to block offending IPs