fail2drop | vFlow
---|---
1 | 1
1 | 1,063
- | 0.4%
8.6 | 1.8
about 1 month ago | about 1 month ago
Go | Go
GNU General Public License v3.0 only | Apache License 2.0
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
fail2drop
- Fail2ban Sucks
I think ssh on a non-standard port is a no-brainer, have been doing this for years.
But at some point I got too many log entries of failed ssh access attempts. So I looked into fail2ban, but found the system too involved, and I don't like python for this kind of thing to start with. Then I started looking for alternatives, because I figured you only need something very simple, that checks certain log files and then instructs the kernel through netfilter to drop traffic from all infracting IPs. I like single-binary applications, especially for things installed outside the normal package manager. Found a skeleton of a golang app that claimed to work (it didn't), but I managed to rework it, and it serves my use cases: https://github.com/pepa65/fail2drop
vFlow
- Netflow Monitoring Software Based on FLOSS
Verizon vflow
What are some alternatives?
topip - IPv4 grep and top usage summary for log files
goflow - The high-scalability sFlow/NetFlow/IPFIX collector used internally at Cloudflare.
iplib - A library for working with IP addresses and networks in Go
goflow2 - High performance sFlow/IPFIX/NetFlow Collector
go-fasttld - go-fasttld is a high performance effective top level domains (eTLD) extraction module.
ElastiFlow - Network flow analytics (Netflow, sFlow and IPFIX) with the Elastic Stack
Docker - Notary is a project that allows anyone to have trust over arbitrary collections of data
Gor - GoReplay is an open-source tool for capturing and replaying live HTTP traffic into a test environment in order to continuously test your system with real data. It can be used to increase confidence in code deployments, configuration changes and infrastructure changes.
ntopng - Web-based Traffic and Security Network Traffic Monitoring
loki - Like Prometheus, but for logs.
croc - Easily and securely send things from one computer to another
scc - Sloc, Cloc and Code: scc is a very fast accurate code counter with complexity calculations and COCOMO estimates written in pure Go