Hookem-Banem
Features
- Distributed
- Firewall
- Support for IPv6
Tags
- Log Monitoring
- subnetting
- centralized-logging
- cluster
Hookem-Banem information
What is Hookem-Banem?
Built to react fast in server-farm environments (ISPs, HSPs, organisations...), Hookem-Banem is a log monitoring system that watches logs being sent to a central server (syslog, file...). On detecting malicious intent (repeated login failures, many failed RCPT commands, bad HTTP requests, or any other repeating condition you want to monitor for), it broadcasts a ban command to all servers in the cluster, so that the clients running on each machine can drop or reject any future connections from the attacker for a limited time (and, on continued repeats, for even longer periods).
You can simply monitor sshd logs for individual matching lines, or, using the built-in pattern matching (line X was generated, then line Y), configure Hookem-Banem to block only specific attack attempts.



