blob: e10cb4081a63d310b2beedeb2933826a6efd8457 (
plain) (
tree)
|
|
Sshguard monitors services from their logging activity. It reacts to messages
about dangerous activity by blocking the source address with the local firewall.
Sshguard employs a clever parser that can recognize several logging formats at
once transparently (syslog, syslog-ng, metalog, multilog, raw messages), and
detects attacks for many services out of the box, including SSH, FreeBSD's
ftpd and dovecot. It can operate all the major firewalling systems, including
PF, netfilter/iptables, IPFIREWALL/ipfw, IPFILTER.
Sshguard has several relevant features like support for IPv6, whitelisting,
suspension, log message authentication. It is reliable, easy to set up and
demands very few resources to the system.
WWW: http://sshguard.sourceforge.net
|