Denyhosts!

More..

* restricted username feature #restricted, * Synchronization download resiliency #sync_download_resiliency. * reset on success #reset_on_success * Synchronization mode is now supported by command line/cron version (with the sync flag DenyHosts 2.0 introduces _synchronization mode_ which allows DenyHosts daemons to proactively thwart attackers _before_ they strike your ssh server. Read the FAQ #sync for important information on how to configure DenyHosts for synchronization mode (hint: it's easy, but you must enable it #sync_enable explictly. DenyHosts now has an easier to remember url: www.denyhosts.net http://www.denyhosts.net

Denyhosts alternatives

  • SSHGuard

  • SSHGuard monitors services through their logging activity. It reacts to messages about dangerous activity by blocking the source address with the local firewall. SSHGuard employs a clever parser that can transparently recognize several logging formats at once (syslog, syslog-ng, metalog, multilog, raw messages), and detects attacks for many services out of the box, including SSH, several ftpds, and dovecot. It can operate all the major firewalling systems, and features support for IPv6, whitelisting, suspension, and log message authentication. ยป

    tags: bruteforce firewall freebsd intrusion-detection ssh

  • Fail2ban

  • Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).

    tags: firewall security-utilities internet-filter iptables ip-blocking

  • IPQ BDB

  • IPQ BDB filtering is done by a user space netfilter daemon that issues verdicts after looking up the IP address in a Berkeley DB. The fuzzy blocking model, freely inspired by STOCKADE, is designed to block non-distributed dictionary attacks and mitigate spam.

    tags: firewall gnu iptables

  • RdpGuard

  • RdpGuard allows you to protect your Remote Desktop (RDP) from brute-force attacks by blocking attacker's IP address. Fail2Ban for Windows.

    tags: remote-desktop-access rdp

  • IPBan

  • A FREE and open source application that allows banning ip addresses from failed terminal services or SQL server logins out of the box. Other types of banning are easily added via an application configuration file.

    tags: remote-desktop-access terminal-services

  • HeatShield

  • HeatShield is a network firewall management service for Linux servers. A firewall configured by HeatShield prevents unauthorized access to services running on your servers, such as SSH and MySQL. Using HeatShield, you can easily restrict access to these services so that only IP addresses you trust are allowed to communicate with your servers.

    tags: firewall server-management firewall-management bruteforce iptables

  • e.guardo Smart Defender

  • e.guardo protects your RDP, MSSQL, FTP, SMTP, EXCHANGE, OWA, LYNC, MICROSOFT DYNAMICS CRM, SHAREPOINT and many more services from Brute Force and Dictionary Attacks

    tags: online-service heuristic-detection hacker-protection ddos-protection brute-force-protection

  • SpyLog

  • lua-spylog - Execute actions based on log records

    tags: autoblock brute-force-protection bruteforce protection rdp-protection