LF Intrusion Detection!

SSHGuard monitors services through their logging activity. It reacts to messages about dangerous activity by blocking the source address with the local firewall. SSHGuard employs a clever parser that can transparently recognize several logging formats at once (syslog, syslog-ng, metalog, multilog, raw messages), and detects attacks for many services out of the box, including SSH, several ftpds, and dovecot. It can operate all the major firewalling systems, and features support for IPv6, whitelisting, suspension, and log message authentication. »

Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).

RdpGuard allows you to protect your Remote Desktop (RDP) from brute-force attacks by blocking attacker's IP address. Fail2Ban for Windows.

DDoS Protection tool. Anti DDoS Guardian stops DDoS attacks for Windows servers, it prevents Remote Desktop Connection brute force attacks, Slow HTTP Get&Post attacks, SYN flood, TCP flood, UDP flood, ICMP flood, bandwidth attacks, etc.

lua-spylog - Execute actions based on log records

An autoblocker for brute force attacks primarily for Windows Servers with good information in the admin mils telling you DNS names, country of origin and username used for the attack.