Fail2Ban
fail2ban.orgDaemon to ban hosts that cause multiple authentication errors
Securityintrusion-preventionfirewallbrute-force-protectionlinuxopen-sourceauthenticationlog-monitoring
About
Fail2Ban is an open-source intrusion prevention daemon that monitors log files for repeated failed authentication attempts and automatically updates firewall rules to block offending IP addresses. It supports a wide range of standard log formats out of the box, including sshd and Apache, and is highly configurable. The tool runs on Linux systems and is distributed under the GNU General Public License.
Problem
Servers are vulnerable to brute-force login attacks from repeated failed authentication attempts across exposed services.
For
Linux system administrators and server operators
How it works
Fail2Ban scans log files for repeated authentication failures and dynamically updates firewall rules to temporarily ban the offending IP addresses.
Business model
open-source
Status
launched
Founders
- Cyril Jaquier