Description
Monitors service logs for brute-force attempts and blocks offending IP addresses through firewall rules. Administrators use it to reduce repeated login attacks against SSH, mail, FTP, and other exposed services.
Automatic blocking can lock out legitimate users if rules or logs are wrong. Test configuration, keep console access available, and review firewall integration before relying on it remotely.