BanFromLog is a shell script which scans /var/log/auth.log to find IP addresses and ban them from accessing the server.
This software becomes very useful when managing several hundred, or even thousands, of users. Despite warning users about the importance of having a strong password, many will still have insecure passwords, which puts the server at risk. With this script, one can prevent all kinds of attacks that can occur when IPS attempt to access non-existent users.
These attacks generate a lot of traffic that can slow down the CPU, leading to performance problems. Even with a maximum number of attempts, attackers can saturate the server resources without being blocked.
BanFromLog resolves such issues by sending all IP addresses to a centralized MySQL server, where they can be monitored and handled. Any attacker attempting to penetrate one server will be blocked and prohibited from causing further damage to others.
Using BanFromLog, users need to meet some requirements, such as Bash, sqlite, or MySQL, and iptables. The new version of BanFromLog includes improvements such as printing in HTML the list of banned IPs to be more user friendly. Moreover, a bug has been corrected in the MySQL version, ensuring that all IPs are blocked correctly.
Overall, BanFromLog is an excellent software that provides an efficient way of securing servers and preventing attackers from gaining access to the system.
Version 0.75: N/A