Fail2ban
Daemon that watches logs and updates firewall rules to ban brute-force sources (SSH, mail, web, etc.).
Why it is included
Ubiquitous lightweight control on internet-facing Linux services.
Best for
SSH and web login protection where rate limits and VPN aren’t enough.
Strengths
- Jail filters
- Simple model
- Huge filter library
Limitations
- IPv6 and distributed attacks need additional design work
Good alternatives
CrowdSec · sshd configuration with key-only authentication
Related tools
Security & Privacy
CrowdSec
Collaborative intrusion prevention: parse logs, apply scenarios, share reputation (optional), and block via bouncers (firewall, nginx, Cloudflare).
Networking & Remote Access
OpenSSH
SSH suite for secure remote access and file transfer.
Security & Privacy
Gobuster
Go-based directory/DNS/vhost brute-forcer with threading tuned for pentest wordlists.
Security & Privacy
Lynis
Host-based security auditing for Unix: misconfigurations, packages, SSH, kernel hardening hints.
Security & Privacy
Zeek
Network security monitor producing rich logs (conn, DNS, HTTP, SSL, files) for analytics—not a classic IDS signature engine.
Security & Privacy
Tracee
Linux runtime security using eBPF to trace OS and container events with prebuilt signatures and pipeline exports.
