Daemon Shield is a Linux intrusion prevention
daemon that scans for brute force break-in attacks
in real time and uses iptables to create rules
that block the attackers' IP addresses for a
configurable period of time. It uses handlers that
watch for attacks against given services, such as
SSH, telnet, FTP, etc. It is highly configurable
through a central configuration file. It loads
existing blocklist rules into iptables on startup,
and removes the blocklist rules when it shuts
down. Other major features include background
daemon operation, logging to syslog,
easy-to-extend handlers, configurable block
duration, and email notifications.
