Projects / DenyThem

DenyThem

DenyThem is a program designed to protect your Linux system from malicious attacks. It is an active response system to disrupt and block dictionary attacks and DOS attacks. DenyThem by default uses /var/log/syslog and /var/log/auth.log and searches for hack attempts. When DenyThem finds enough hack attempts from a single host, it will add a DROP statement to your system's firewall, thus preventing future attacks. DenyThem uses iptables, so it will only work on Linux or any other system that uses iptables. It can also block traffic from specific countries.

Tags
Licenses
Implementation

Recent releases

  •  18 Nov 2009 00:51

    Release Notes: An iptables issue with pathing on some machines was fixed. This program has been confirmed to work on Gentoo and just about any Linux system with iptables. You just need to point the monitor function at the proper place for your syslog information.

    •  02 Mar 2009 06:25

      Release Notes: This version adds country blocking support, allowing you to block complete countries from accessing the system. Multiple log support and custom flag support were also added. This allows you to add an invalid access flag and a regular expression to pull the host.

      Recent comments

      21 Oct 2010 13:36 matthewrogers

      I believe that being able to block access to countries that you do not have any legal recourse only seems logical. If you can't touch them, why should they be able to touch you?

      20 Nov 2009 09:20 freskokreas

      IMHO, completely blocking traffic from specific countries is a week attempt to improve security or defend against "hackers" attacks. It might work for single individuals in households, but it's a very, very bad idea from a methodical point of view. And stateting that blocking traffic from Russia and China has helped the author may be offending to certain persons. I have a suggestion to make to improve the program: instead of blocking by country, block by political ideologies. Block communists... ;-P

      Screenshot

      Project Spotlight

      OpenStack4j

      A Fluent OpenStack client API for Java.

      Screenshot

      Project Spotlight

      TurnKey TWiki Appliance

      A TWiki appliance that is easy to use and lightweight.