SSHGuard protects hosts from brute-force attacks against SSH and other services.
It has been written entirely in C and has no external dependencies and no
configuration file. SSHGuard aggregates system logs and blocks repeat offenders.
It can read log messages from standard input (suitable for piping from syslog)
or monitor one or more log files. Log messages are parsed, line-by-line, for
recognized patterns. If an attack, such as several login failures within a few
seconds, is detected, the offending IP is blocked. Offenders are unblocked after
a set interval, but can be semi-permanently banned using the blacklist option.
IMPORTANT:
You will need to properly set up "sshguard" chain in iptables. For further
information PLEASE CONSULT MAN PAGE, installed together with this package.
The information available on the website tends to be outdated, (it is well
worth reading anyway).