Fail2ban monitors log files like /var/log/auth.log and Webserver access logs and can temporarily or persistently bans failure-prone addresses by updating existing firewall rules.
Currently, by default, fail2ban supports ssh/apache/vsftpd but configuration can be easily extended for monitoring any other ASCII file.
[Read more…]