Sshlock locks out hosts which scan and run dictionary attacks against it.
Sshlock runs a daemon to monitor ssh logins. It will automatically block traffic from the offending host by adding a firewall rule. Sshlock runs on Linux, FreeBSD and NetBSD. It has not been tested on Solaris or other UNIX variants yet.
When a host is blocked, sshlock logs an entry through the syslog facility.
Jul 16 15:37:19 example sshlockd: ssh lock 184.108.40.206
Copyright © 2004-2006 Eland Systems All Rights Reserved.
THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT HOLDERS OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
The download is provided free of charge subject to our license agreement.
sshlock-1.1.tgz (8 KB)
If you have any questions or suggestions, send an email to email@example.com