Since 2011, IPBan is the world's most trusted, free security software to block hackers and botnets. With both Windows and Linux support, IPBan has your dedicated or cloud server protected. Upgrade to IPBan Pro today and get a discount. Auto-ban ip addresses by detecting failed logins from event viewer and/or log files. On Linux, SSH is watched by default. On Windows, RDP, OpenSSH, VNC, MySQL, SQL Server, Exchange, SmarterMail, and MailEnable are watched. More applications can easily be added via the config file. Highly configurable, many options to determine failed login count threshold, time to ban, etc. Make sure to check out the ipban.config file (formerly named DigitalRuby.IPBan.dll.config, see IPBanCore project) for configuration options, each option is documented with comments. Shared failed logins and bans. All your machines work together to instantly block attackers from your entire network.
Features
- Banning happens basically instantly for event viewer. For log files, you can set how often it polls for changes
- Very fast - I've optimized and tuned this code since 2012. The bottleneck is pretty much always the firewall implementation, not this code
- Unban ip addresses easily by placing an unban.txt file into the service folder with each ip address on a line to unban
- Highly configurable, many options to determine failed login count threshold, time to ban, etc.
- Works with ipv4 and ipv6 on all platforms
- Documentation available
- GUI to configure all settings