Daemon to ban hosts that cause multiple authentication errors

A Linux packet crafting tool.

Centralize or distribute IPset blacklists

Anti-Abuse for servers at authentication time

RedisPushIptables is used to update firewall rules to reject the IP addresses for a specified amount of time or forever reject.

GeSWall, Intrusion Prevention System

Execute actions based on log records

docker modsecurity reverse proxy WAF based on nginx

Brute force attack prevention for remotely accessible SQL Server databases using PowerShell and Windows Task Scheduler API

Simple & efficient log file scanning and iptable filtering

Docker jail system based on the FreeBSD and BSD Jail system.

List of IP addresses and ranges caught during hacking and/or intrussion attempts.

Docker Image for remote dynamic IP blacklisting on UniFi USG.

Libellux: Up and Running is a collection of personal notes and documentation regarding open-source software configuration. The focus is to build a so called Zero Trust Network using a central authentication server to enhance the security for our existing applications. We will manage our network using an open-source software tool for provisioning and configuration management to automate and speed up productivity.

DHCP-DNS Sever Firewall Rules

A simple intrusion detection/prevention system framework written in PHP.

Bro is a powerful network analysis framework that is much different from the typical IDS you may know. Official mirror of git.bro.org/bro.git .

Gonzo Project Research Repository

DHCP-DNS Sever Firewall Rules

Detects online privacy intrusions, works 60% of the time...

Module on intrusion detection and prevention systems

Intrusion detection and prevention system

Suricata Intrusions Detection (IDS) rules

This is the C++ version of the StratosphereLinuxIPS. It is mainly used for integration with Snort and other IDSs.

An automatic reserved engineering threats detection tool “FLUKS”. The tool optimizes and extracts intelligent threat modules using a special designed machine learning algorithm technique, which allows forensic experts to visualize and explore different threats monitored by firewall, IDS/IPS and anti-virus server attacks. When a content of a file is loaded into FLUKS, a representative summary is executed with least significant attacks. It distinguishes the trace changes found in different attacks arc and re-routes the trails of routes back to origin source of attack. Forensic investigators can then determine a set of certain fields relevant to the attack according to the corresponding target.