Projects / Daemon Shield

Daemon Shield

Daemon Shield is a Linux intrusion prevention daemon that scans for brute force break-in attacks in real time and uses iptables to create rules that block the attackers' IP addresses for a configurable period of time. It uses handlers that watch for attacks against given services, such as SSH, telnet, FTP, etc. It is highly configurable through a central configuration file. It loads existing blocklist rules into iptables on startup, and removes the blocklist rules when it shuts down. Other major features include background daemon operation, logging to syslog, easy-to-extend handlers, configurable block duration, and email notifications.

Tags
Licenses
Operating Systems
Implementation
Translations

RSS Recent releases

  •  06 Jul 2005 08:36

Release Notes: All of the required IP chains and rules are now created upon startup and removed upon shutdown automatically, without file editing by hand. The init script should no longer depend on an RHEL-based distribution. The configure script now has a --with-python option in order to accomodate multiple installed Python distributions. More documentation has been written, including some information on installing Python 2.3. There are several minor bugfixes.

Release Notes: This release works well in the environments where it has been tested, which include RHEL ES 4, CentOS 4, and RHEL ES 3 with Python 2.3 installed. Currently, SSH and PAM handlers are functional and enabled by default. The pam handler should block any attacks against pam-enabled services. A handler for Apache is planned for future releases.

Screenshot

Project Spotlight

Blender

A 3D animation studio for modeling, texturing, compositing, and video editing.

Screenshot

Project Spotlight

TEA

A modest and easy-to-use editor with many useful features for HTML editing.