Look up in our databases for FREE!
Try Apility.io yourself 30 days free. No credit card required!
BRUTEFORCEBLOCKER - Bruteforce SSH blacklist
BruteForceBlocker is a perl script, that works along with pf – firewall developed by OpenBSD team (Which is also available on FreeBSD since version 5.2 is out). Its main purpose is to block SSH bruteforce attacks via firewall. It checks sshd logs from syslog and looks for Failed Login attempts – mostly some annoying script attacks, and counts number of such attempts. Since the version of BruteForceBlocker 1.2 it is also possible to report blocked IPs to the project site and share your information with other users.
IP in these lists are used to perform SSH attacks to end user services. Sometimes these attacks can be stopped blocking full access to a website with a firewall, but a fine grained access control at application level can be necessary.