SSHGuard
sshguard.netProtects hosts from brute-force attacks against SSH and other services.
Securitybrute-force-protectionsshfirewallintrusion-preventioniptablesopen-sourcesyslog
About
SSHGuard is an open-source security tool that monitors system logs and automatically blocks IP addresses performing brute-force attacks against SSH and other services. It uses a fast, sandboxed log parser to detect attack patterns and integrates with multiple firewall backends including iptables, ipfw, and pf. Designed for minimal system footprint, it supports IPv6, whitelisting, temporary or permanent blocking, and a wide range of log formats.
Problem
Internet-connected hosts are constantly targeted by brute-force attacks that compromise accounts and generate excessive system load and log noise.
For
System administrators managing internet-connected hosts on Linux, BSD, or macOS
How it works
SSHGuard ingests system logs, parses them with a compiled lexical analyzer to detect repeat attackers, and automatically blocks offending IPs using the host's firewall backend.
Business model
open-source
Status
launched