BlockSSHD 1.1

BlockSSHD is a Perl script based on BruteForceBlocker v1.2.3 that dynamically adds IPTables rules to block SSH brute force.
BlockSSHD is a Perl script based on BruteForceBlocker v1.2.3 that dynamically adds IPTables rules to block SSH brute force attacks.

BlockSSHD checks a log file you specify, for example /var/log/secure on a Red
Hat, for SSH login failure messages. If it detects a failure message it records the source IP address and starts a counter. If messages continue to be detected from the same source IP address the counter is incremented for each message. When the counter reaches a user-specified threshold then the script will add an IPTables rules blocking SSH connections from that source IP address.

A user-specified time-out is also defined to trigger a reset of the counter. If the counter is incremented but has not yet reached the blocking threshold and a new login failure message arrives then BlockSSHD checks the time-out. If the last increment of the counter occurred earlier than the current time minus the time-out period then the counter is reset rather than incremented. The time-out defaults to 600 seconds (10 minutes).

The BlockSSHD script also has some command line options:

*) -d | --daemon | --start - Runs the script as a daemon
*) --stop - Stops the script
*) -h | --help - Prints help text
*) -v | --version - Print the version

Running the BlockSSHD script without any command line options will start it interactively.

You will also find a Red Hat style init script in the init directory.

What's New in This Release:

Fixed weird ^Ms in files
Added Anton's WHOIS functino to blocking emails
If restore block function is off then remove log file to ensure old IPS are not accidently applied
If restore block function is on then automatically create log file

last updated on:
April 27th, 2007, 18:35 GMT
price:
FREE!
developed by:
James Turnbull
license type:
GPL (GNU General Public License) 
category:
ROOT \ System \ Networking

FREE!

In a hurry? Add it to your Download Basket!

user rating 1

UNRATED
5.0/5
 

0/5

Add your review!

SUBMIT