BlockSSHD is a Perl script that prevents SSH brute force attacks by adding dynamic IPTables rules, based on the BruteForceBlocker v1.2.3 approach.
BlockSSHD script has a feature that allows a user to define a time-out to trigger a counter reset. If the counter incremented, but has not yet reached the threshold, and a new login failure message is detected, BlockSSHD checks the time-out. If the last increment of the counter occurred before the current time minus the time-out period, the counter resets instead of increasing. The time-out is set to ten minutes by default.
Apart from its excellent functionality, BlockSSHD also has some command-line options, including options to run the script as a daemon, stop the script, print help text, and print the version. Additionally, running the BlockSSHD script without any command line options will start it in interactive mode. It also includes a Red Hat-style init script in the init directory.
This new version of BlockSSHD comes packed with several features, including the addition of Anton's WHOIS function to blocking emails. The restore block function is also added to ensure old IPS are not accidentally applied. The restore block function is on by default, and the log file is created automatically when the function is enabled.
Overall, BlockSSHD is a robust and well-conceived script that runs efficiently to prevent SSH brute force attacks. With its unique features and functional interface, it is a top-notch security solution for every user.
Version 1.1: N/A