3 posts with tag "intrusion detection"
Simple steps to enable and configure mod-security Apache module on Debian Wheezy, using Core Rule Set (CRS)
Psad is an intrusion prevention software, which makes use of iptables log messages to detect and (optionally) block port scans and other suspect traffic.
Fail2Ban is an intrusion prevention software which analyzes log files and ban possible attacks (mainly Brute-force), using firewall (iptables and more).