Built to react fast in server farms environments (ISPs, HSPs, organisations...) Hookem-Banem is a log monitoring system which monitors logs being sent to a central server (syslog, file...) and on detection of malicious intent (repeated login failures, many failed RCPT commands, bad HTTP requests... any other repeating condition you want to monitor for) it broadcasts a ban command to all servers in the cluster so the clients running on each machine can drop/reject any future connections from the attacker for a limited time (and on continued repeats even longer periods)
You can just monitor sshd logs for individual matching lines or using the built in pattern matching (generated line X then generated line Y), Hookem-Banem can be configured to only block specific attack attempts.
You're looking for the best programs similar to Hookem-Banem. Check out our top picks. Below, let's see if there are any Hookem-Banem alternatives that support your platform.
Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally...
SSHGuard monitors services through their logging activity. It reacts to messages about dangerous activity by blocking the source address with the local firewall....
The idea of denying access to SSH servers is nothing new and I was inspired by many other scripts that I discovered. However, none of them did things the way I...
RdpGuard allows you to protect your Remote Desktop (RDP) from brute-force attacks by blocking attacker's IP address. Fail2Ban for Windows.
e.guardo protects your RDP, MSSQL, FTP, SMTP, EXCHANGE, OWA, LYNC, MICROSOFT DYNAMICS CRM, SHAREPOINT and many more services from Brute Force and Dictionary Attacks
HeatShield is a network firewall management service and SSH brute force blocker for Linux servers.
Add your reviews & share your experience when using Hookem-Banem to the world. Your opinion will be useful to others who are looking for the best Hookem-Banem alternatives.