ever wonder how administrators of high value target technology (HVTT) users (aka Enterprises) fend off their attackers?
Helpful tools, like Denyhosts, Fail2Ban, and others help streamline the management and security of the systems they are responsible for
A combination of DenyHosts, fail2ban and creating your own server that you perform post-log-inspection on and update a database of the output of fail2ban and denyhosts. As well as using firewalls properly, as per Marcus Ramen’s original creation of the “firewall”. Deny All, Trust few, Filter everyone, Advanced Port Wizardry (ie. Port Knocking, which is actually listed in the thread above and I am not able to upvote it at this time. So I thought I would add some insights.
Using a tool such as SNORT https://www.snort.org/ and since you’re using Python/C/ASM (OPS aka Optimal Programming Stack) and being a Pragmatic Programmer #pragmaticprogrammer you have a broad range of skills, abilities with a pro-active preventative style where you enjoy planning ahead for future flexibility of your scalability. see Pythonic Styles like the Zen of Python..DEC
I love the Zen of Python.
The Zen of Python
Beautiful is better than ugly.
Explicit is better than implicit.
Simple is better than complex.
Complex is better than complicated.
Flat is better than nested.
Sparse is better than dense.
Special cases aren’t special enough to break the rules.
Although practicality beats purity.
Errors should never pass silently.
Unless explicitly silenced.
In the face of ambiguity, refuse the temptation to guess.
There should be one– and preferably only one –obvious way to do it.
Although that way may not be obvious at first unless you’re Dutch.
Now is better than never.
Although never is often better than right now.
If the implementation is hard to explain, it’s a bad idea.
If the implementation is easy to explain, it may be a good idea.
Namespaces are one honking great idea — let’s do more of those!
https://www.addictivetips.com/net-admin/intrusion-detection-tools/ (see excerpt below)
Security is a hot topic and it has been for quite a while. Many years ago, viruses were the only concerns of system administrators. Viruses were so common that it led the way for an astounding range of virus prevention tools. Nowadays, barely anyone would think of running an unprotected computer. However, computer intrusion, or the unauthorized access to your data by malicious users, is the “threat du jour”. Networks have become the target of numerous ill-intentioned hackers which will go to great lengths to gain access to your data. Your best defense against these types of threats is an intrusion detection–or prevention–system. Today, we’re reviewing ten of the best free intrusion detection tools.
.DEC (More to come)