Skip to content
/ Hawk-IDS-IPS Public

A simple log analyzer which detects bruteforce attempts and prevents them by addin iptables rules.

1h.com/products/hawk

License

GPL-2.0 license
15 stars 3 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

hackman/Hawk-IDS-IPS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

329 Commits
bin
bin
 
 
builds
builds
 
 
db
db
 
 
etc
etc
 
 
images
images
 
 
lib
lib
 
 
patches
patches
 
 
web-local
web-local
 
 
web
web
 
 
LICENSE
LICENSE
 
 
README
README
 
 
TODO
TODO
 
 
hawk-updater.pl
hawk-updater.pl
 
 
hawk-web.pl
hawk-web.pl
 
 
hawk.init
hawk.init
 
 
hawk.pl
hawk.pl
 
 

Repository files navigation

Hawk is a lightweight log analyzer which was designed to be fast and efficient.

It scans log files on the fly and bans IP that makes too many password failures. 
It adds iptables rules to reject the IP addresses. 
You can define the logfiles.

What makes Hawk better then the other solutions out there is its unique Web Interface and its flexibility.

Hawk currently supports:
  sshd
  dovecot
  courier
  pure-ftpd
  proftpd
  cPanel
  DirectAdmin
  Postfix
  Exim with dovecot auth


Installation CentOS:
1. rpm -Uvh hawk-7.2-1.src.rpm
2. Setup iptables or ipset
2.1. For ipset, create a new ipset and add its name in /etc/hawk/hawk.conf on the ipset_name line.
2.2. For iptables, you can either create the chain by your self and set its name in hawk.conf or you can use /usr/share/hawk/setup_iptables.sh helper script, to do that for you.
3. systemctl start hawk

About

A simple log analyzer which detects bruteforce attempts and prevents them by addin iptables rules.

1h.com/products/hawk

Resources

Readme

License

GPL-2.0 license
Activity

Stars

15 stars

Watchers

5 watching

Forks

3 forks
Report repository

Releases 3

Hawk v7.5 Latest
Nov 27, 2023
+ 2 releases

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages