Projects / BlockHosts


BlockHosts is a script to record how many times a local system is attacked, based on configurable scanning of system logs for sshd or other services. When a particular IP address exceeds a configured number of failed login attempts, that IP address is blocked using hosts.allow files, or by using null-routing, or by using packet filtering. An email notification facility is also available.

Operating Systems

Recent releases

  •  23 Sep 2012 12:44

    Release Notes: Now with IPv6 support. This is preliminary, and requires underlying tools to support IPv6.

    •  18 Jun 2011 09:52

      Release Notes: This release fixed a failure to read time values on certain systems that occurred because Python strptime could not read times written by strftime on the same system. The solution was to remove the use of strptime from

      •  19 Mar 2011 20:13

        Release Notes: The RPM package had an incorrect dependency on Python 2.6, which is now removed.

        •  14 Aug 2010 21:33

          Release Notes: Detection of duplicate log messages was fixed, since it used to mask multiple login failures for sshd.

          •  17 May 2008 21:04

            Release Notes: iptables is now updated by inserting blockhosts blocking rules at the beginning of the chain instead of at the end. This will allow servers with default policy of both DROP or ACCEPT to make use of blockhosts. Both INPUT and FORWARD chains will now block traffic from rogue IP hosts.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.