Description
A security service that watches logs and temporarily bans IP addresses after repeated failed authentication attempts. It is commonly used to reduce brute-force noise against SSH, web login forms, and other services.
Use it on servers that expose login services to a network. It helps with abuse control, but it does not replace strong passwords, keys, updates, and service-specific hardening.