IPBan!

More..

52. [email protected] says: August 8, 2013 at 2:14 pm http://www.digitalruby.com/securing-your-windows-dedicated-server/#comment-11720
Hi, I have installed the service but can't see it in the services (and can't start it so, here is the install log > _Installing assembly 'C: Users nl20121974 Desktop IPBan IPBan.exe'._ > _Affected parameters are:_ > _   logtoconsole _ > _   logfile C: Users nl20121974 Desktop IPBan IPBan.InstallLog_ > _   assemblypath C: Users nl20121974 Desktop IPBan IPBan.exe_ > _No public installers with the RunInstallerAttribute.Yes attribute could be found in the C: Users nl20121974 Desktop IPBan IPBan.exe assembly._ > _Committing assembly 'C: Users nl20121974 Desktop IPBan IPBan.exe'._ > _Affected parameters are:_ > _   logto

IPBan alternatives

  • SSHGuard

  • SSHGuard monitors services through their logging activity. It reacts to messages about dangerous activity by blocking the source address with the local firewall. SSHGuard employs a clever parser that can transparently recognize several logging formats at once (syslog, syslog-ng, metalog, multilog, raw messages), and detects attacks for many services out of the box, including SSH, several ftpds, and dovecot. It can operate all the major firewalling systems, and features support for IPv6, whitelisting, suspension, and log message authentication. »

    tags: bruteforce firewall freebsd intrusion-detection ssh

  • Fail2ban

  • Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).

    tags: firewall security-utilities internet-filter iptables ip-blocking

  • Denyhosts

  • The idea of denying access to SSH servers is nothing new and I was inspired by many other scripts that I discovered. However, none of them did things the way I envisioned them to. Also, they were all shell scripts which do not offer the elegance of Python.

    tags: daemon bruteforce web-log-analyzer ssh-bruteforce

  • IPQ BDB

  • IPQ BDB filtering is done by a user space netfilter daemon that issues verdicts after looking up the IP address in a Berkeley DB. The fuzzy blocking model, freely inspired by STOCKADE, is designed to block non-distributed dictionary attacks and mitigate spam.

    tags: firewall gnu iptables

  • RdpGuard

  • RdpGuard allows you to protect your Remote Desktop (RDP) from brute-force attacks by blocking attacker's IP address. Fail2Ban for Windows.

    tags: remote-desktop-access rdp

  • EvlWatcher

  • Protected against RDP-Brute forcers. It installs a service which scans the event log for anomalies every 30 seconds (by default).When the service finds out that someone is taunting your server with RDP-login attempts, it adds the remote IP to a generic rule in the windows firewall which locks out the attacker. After 2 hours (default), the ban will be lifted, i.e. the IP will be removed from the rule.

    tags: protection rdp-protection remote-desktop-access

  • e.guardo Smart Defender

  • e.guardo protects your RDP, MSSQL, FTP, SMTP, EXCHANGE, OWA, LYNC, MICROSOFT DYNAMICS CRM, SHAREPOINT and many more services from Brute Force and Dictionary Attacks

    tags: online-service heuristic-detection hacker-protection ddos-protection brute-force-protection

  • SpyLog

  • lua-spylog - Execute actions based on log records

    tags: autoblock brute-force-protection bruteforce protection rdp-protection