Displaying 1 to 12 from 12 results

fail2ban - Daemon to ban hosts that cause multiple authentication errors

  •    Python

Fail2Ban scans log files like /var/log/auth.log and bans IP addresses having too many failed login attempts. It does this by updating system firewall rules to reject new connections from those IP addresses, for a configurable amount of time. Fail2Ban comes out-of-the-box ready to read many standard log files, such as those for sshd and Apache, and is easy to configure to read any log file you choose, for any error you choose. Though Fail2Ban is able to reduce the rate of incorrect authentications attempts, it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services.

Suricata IDS - Network threat detection engine

  •    C

The Suricata engine is capable of real time intrusion detection (IDS), inline intrusion prevention (IPS), network security monitoring (NSM) and offline pcap processing. Suricata inspects the network traffic using a powerful and extensive rules and signature language, and has powerful Lua scripting support for detection of complex threats.

Sguil - The Analyst Console for Network Security Monitoring

  •    Tcl

Sguil (pronounced sgweel) is built by network security analysts for network security analysts. Sguil's main component is an intuitive GUI that provides access to realtime events, session data, and raw packet captures. Sguil facilitates the practice of Network Security Monitoring and event driven analysis.

OpenWIPS-ng - Wireless Intrusion Prevention System

  •    C

OpenWIPS-ng is an open source and modular Wireless IPS (Intrusion Prevention System). It is composed of three parts: Sensor(s): "Dumb" devices that capture wireless traffic and sends it to the server for analysis. Also responds to attacks. Server: Aggregates the data from all sensors, analyzes it and responds to attacks. It also logs and alerts in case of an attack. Interface: GUI manages the server and displays information about the threats on your wireless network(s).




evebox - Web Based Event Viewer (GUI) for Suricata EVE Events in Elastic Search

  •    Go

EveBox is a web based Suricata "eve" event viewer for Elastic Search. And one of...


vallumd - Centralize or distribute IPset blacklists

  •    C

This program allows you to centralize and distribute IP blacklists. If you maintain a server on the Internet, it's very likely you encountered one or more brute force attacks. Not a problem, just install fail2ban. Done.

banisher - The Banisher watches your systemd journal and bans, with no delay, abusers.

  •    Go

The Banisher watches in real time your systemd journal and bans, via iptables, hosts who match on yours rules. Currently hosts (IP) are banished for 3 hours.

koa-ip-filter - koa middleware to filter request IPs or custom ID with glob patterns, array, string, regexp or matcher function

  •    Javascript

Middleware for koa that filters IPs against glob patterns, RegExp, string or array of globs. Support custom 403 Forbidden message and custom ID. Pull requests and stars are always welcome. For bugs and feature requests, please create an issue. But before doing anything, please read the CONTRIBUTING.md guidelines.