SSHGuard
Protects hosts from brute-force attacks against SSH and other services.

SSHGuard is an open-source security tool that monitors system logs and automatically blocks IP addresses performing brute-force attacks against SSH and other services. It uses a fast, sandboxed log parser to detect attack patterns and integrates with multiple firewall backends including iptables, ipfw, and pf. Designed for minimal system footprint, it supports IPv6, whitelisting, temporary or permanent blocking, and a wide range of log formats.
SSHGuard ingests system logs, parses them with a compiled lexical analyzer to detect repeat attackers, and automatically blocks offending IPs using the host's firewall backend.
System administrators managing internet-connected hosts on Linux, BSD, or macOS
Background.
- Status
- launched
- Business model
- open-source
Similar projects.
Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.
Have a take on this space?
Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.