RdpGuard!

SSHGuard monitors services through their logging activity. It reacts to messages about dangerous activity by blocking the source address with the local firewall. SSHGuard employs a clever parser that can transparently recognize several logging formats at once (syslog, syslog-ng, metalog, multilog, raw messages), and detects attacks for many services out of the box, including SSH, several ftpds, and dovecot. It can operate all the major firewalling systems, and features support for IPv6, whitelisting, suspension, and log message authentication. »

Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time, although any arbitrary other action (e.g. sending an email) could also be configured. Out of the box Fail2Ban comes with filters for various services (apache, courier, ssh, etc).

The idea of denying access to SSH servers is nothing new and I was inspired by many other scripts that I discovered. However, none of them did things the way I envisioned them to. Also, they were all shell scripts which do not offer the elegance of Python.

An autoblocker for brute force attacks primarily for Windows Servers with good information in the admin mils telling you DNS names, country of origin and username used for the attack.

IPQ BDB filtering is done by a user space netfilter daemon that issues verdicts after looking up the IP address in a Berkeley DB. The fuzzy blocking model, freely inspired by STOCKADE, is designed to block non-distributed dictionary attacks and mitigate spam.

e.guardo protects your RDP, MSSQL, FTP, SMTP, EXCHANGE, OWA, LYNC, MICROSOFT DYNAMICS CRM, SHAREPOINT and many more services from Brute Force and Dictionary Attacks

DDoS Protection tool. Anti DDoS Guardian stops DDoS attacks for Windows servers, it prevents Remote Desktop Connection brute force attacks, Slow HTTP Get&Post attacks, SYN flood, TCP flood, UDP flood, ICMP flood, bandwidth attacks, etc.

Lit Fuse Intrusion Detection (LID) protects your Windows system from brute force attacks and other intrusion attempts by placing a brick wall between your server and would-be hackers. Lightweight and lightning-fast, our software keeps an eye on your network traffic 24/7, watching for suspicious activity.

lua-spylog - Execute actions based on log records

A FREE and open source application that allows banning ip addresses from failed terminal services or SQL server logins out of the box. Other types of banning are easily added via an application configuration file.

Protected against RDP-Brute forcers. It installs a service which scans the event log for anomalies every 30 seconds (by default).When the service finds out that someone is taunting your server with RDP-login attempts, it adds the remote IP to a generic rule in the windows firewall which locks out the attacker. After 2 hours (default), the ban will be lifted, i.e. the IP will be removed from the rule.