Service Guardian aims to protect servers against various things such as resource exhaustion and connection floods. It can measure the number of connections to servers' ports and, after a grace time period, compares and sees if the host is still in violation of the specified settings. If a host is in violation of the settings, it will be filtered out and dropped via netfilter/iptables.
|Tags||Logging Monitoring Networking Firewalls Systems Administration Security|
|Operating Systems||POSIX Linux|
Release Notes: Better signal handling and a verbose mode were added. *block* and *unblock* are used instead of *drop*. The ADD-RESOLVERS keyword can now be used in the good hosts section to automatically define the system's resolv.conf DNS resolvers as non-blockable targets. A fast attack scan detector and blocker was added. Some new configuration options were added.
Release Notes: Allows for interface names in the good hosts configuration section. Fixes failed host name lookups.
Release Notes: Interface names can now be specified in service-guardian.conf. This allows for protection of hosts with dynamic IPs. Runtime editable settings have been added.
Release Notes: This release adds an RPM spec file and a Makefile. A Log/Demo URL was added. An RPM file has been created.
No changes have been submitted for this release.