fail2ban

fail2ban is a Python-based intrusion prevention software that can protect various services on Linux. It works by analyzing system and application log files (e.g., /var/log/auth.log, /var/log/apache/error_log) and taking actions if any abnormal activities are detected from the logs. To identify potential attack attempts, fail2ban relies on regular expression based filters. These filters can be enabled and customized to detect various attacks on different services, for example, brute-force SSH attacks from botnets, password-guessing attacks on web/FTP/database servers, webmail phishing attacks, port scanning attacks, etc. Upon detecting suspicious activities, fail2ban automatically blocks offending IP addresses using netfilter/iptables or TCP wrappers (/etc/hosts.deny) for user-configurable amount of time, with optional email notifications.


  • Website: http://www.fail2ban.org/
  • Platform: Linux, BSD
  • License: GNU GPLv2+
  • Source repository: git
  • Community: mailing list bug tracker
  • Features: , ,
  • Similar Software

    Snort Snort is a network-based intrusion detection and prevention system written in C. Snort sniffs network packets on the wire, analyzes packet contents against known attack signatures, and logs any suspi...
    Suricata Suricata is an open-source intrusion detection and prevention system (IDS/IPS) developed by the Open Information Security Foundation (OISF). It features a modularized and multi-threaded architecture ...
    Bro Bro is an open-source network monitoring and intrusion detection system written in C++. Bro collects live packets via the libpcap interface, analyzes packet contents, generates events from the analys...
    OSSEC OSSEC is an open-source host-based intrusion detection system written in C. In OSSEC, a centralized OSSEC manager stores events sent by the OSSEC agent deployed on individual hosts, and captures syste...

    Subscribe to Xmodulo List

    Do you want to receive posts about Linux applications and software recommended by Xmodulo List? Enter your email address below, and we will deliver our recommendations straight to your email box, for free. Delivery powered by Google Feedburner.

    Leave a comment

    Your email address will not be published. Required fields are marked *