SSHGuard

sshguard.net

Protects hosts from brute-force attacks against SSH and other services.

Visit
SSHGuard screenshot
/ About /

SSHGuard is an open-source security tool that monitors system logs and automatically blocks IP addresses performing brute-force attacks against SSH and other services. It uses a fast, sandboxed log parser to detect attack patterns and integrates with multiple firewall backends including iptables, ipfw, and pf. Designed for minimal system footprint, it supports IPv6, whitelisting, temporary or permanent blocking, and a wide range of log formats.

/ How it works /

SSHGuard ingests system logs, parses them with a compiled lexical analyzer to detect repeat attackers, and automatically blocks offending IPs using the host's firewall backend.

/ Who it's for /

System administrators managing internet-connected hosts on Linux, BSD, or macOS

/ More info /

Background.

Status
launched
Business model
open-source
/ Discovered patterns /

Similar projects.

Coming soonSpektrail’s read on Security

Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.

Coming soon

Have a take on this space?

Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.