topip
fail2drop
topip | fail2drop | |
---|---|---|
1 | 1 | |
0 | 1 | |
- | - | |
10.0 | 8.6 | |
over 1 year ago | about 1 month ago | |
Go | Go | |
MIT License | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
topip
-
topip: who abusing your server?
topip can quickly find top-N of IPv4 addresses in your logs.
fail2drop
-
Fail2ban Sucks
I think ssh on a non-standard port is a no-brainer, have been doing this for years.
But at some point I got too many log entries of failed ssh access attempts. So I looked into fail2ban, but found the system too involved, and I don't like python for this kind of thing to start with. Then I started looking for alternatives, because I figured you only need something very simple, that checks certain log files and then instructs the kernel through netfilter to drop traffic from all infracting IPs. I like single-binary applications, especially for things installed outside the normal package manager. Found a skeleton of a golang app that claimed to work (it didn't), but I managed to rework it, and it serves my use cases: https://github.com/pepa65/fail2drop
What are some alternatives?
cidr - CLI to perform various actions on CIDR ranges
vFlow - Enterprise Network Flow Collector (IPFIX, sFlow, Netflow)
logwatcher - Program to monitor a logfile for strings
iplib - A library for working with IP addresses and networks in Go
script - Making it easy to write shell-like scripts in Go
go-fasttld - go-fasttld is a high performance effective top level domains (eTLD) extraction module.