sshdfilter blocks ssh brute force attacks by analyzing sshd log output in real-time, offering automatic protection against security threats.
To keep the list of blocks small and fresh, block rules are removed after a week. In addition to this, SSHDFilter also comes with a LogWatch filter that makes it easier to find and analyze important information.
The latest release of SSHDFilter brings noteworthy improvements in terms of flexibility and convenience. The configuration parser has been completely rewritten, offering maximum flexibility to users. The pattern matching engine has also been updated to provide added capabilities.
SSHDFilter now has the capability to read SSHD messages from sshd -eD or via a named pipe retained by syslog. Moreover, hostname lookup has been added for PAM-based systems that display the hostname instead of the source IP. Finally, IPFW support has been recently added to the program.
Overall, SSHDFilter is an excellent tool to provide an extra layer of security to your system, guaranteeing your safety against SSH brute force attacks.
Version 1.5.4: N/A