Fail2ban scans log files (e.g. /var/log/apache/error_log) and bans IPs that show the malicious signs -- too many password failures, seeking for exploits, etc. Generally Fail2Ban is then used to update firewall rules to reject the IP addresses for a specified amount of time...
- - Fail2ban is the most popular Linux alternative to CrowdSec.
- - Fail2ban is the most popular Open Source & free alternative to CrowdSec.
A FREE and open source application that allows auto banning ip addresses from failed login attempts. Many sources are watched such as SSH, SMTP, SQL-Server, MySQL, RDP and dropped packets.
- - IPBanPro is the most popular Windows alternative to CrowdSec.
- - IPBanPro is the most popular commercial alternative to CrowdSec.
The idea of denying access to SSH servers is nothing new and I was inspired by many other scripts that I discovered. However, none of them did things the way I envisioned them to. Also, they were all shell scripts which do not offer the elegance of Python.