Brutus-IDS Beta 4 is now ready. There have been a number of feature enhancements and bugfixes:
Fix for all reports having hardcoded timezone. Now pulls timezone info from system config.
Fix for SMS alert detect. Used ge instead of >=, so it would never have tested true
Reformatting strings and emails
Added comments for why (even though unused) Mail::CheckUser is included in auto_add script
Increased level of debugging for override of current datetime to 2
Modified default behavior for CheckUser to not make an SMTP connection (was causing problems with CBL DNSBL)
Added values for CheckUser connection to be a local user so it doesn't use default localhost.localdomain
Use correct logfile for notification emails based on config file (missed one, oops)
Fix for skip_domain which wasn't working correctly
Added bugfixes for duplicate notifications for local admin notification....
Brutus-IDS, one of the simplest Intrusion Detection Systems to install and configure, is now ready for the Beta3 drop. The final round of feature requests has been completed, and the (hopefully) final Beta of Brutus-IDS is published and ready for use.
Brutus-IDS is a small collection of Perl scripts which monitor SSH failed logins. When an attack is detected, the event is logged, system administrators for the localhost as well as the attacking system are notified, and the IP of the attacker is automatically added to the firewall to prevent further attack attempts....
Brutus-IDS Beta2 is now available and the download package has been published. Edits from Beta1 are minor. Next step for Beta3 will be a configuration script to ease initial setup.
Project URL: https://sourceforge.net/projects/brutus-ids/
Download URL: https://sourceforge.net/project/platformdownload.php?group_id=243599
- The Brutus-IDS team
Brutus-IDS is a simple SSH intrusion and automatic firewall blocking and notification app for Linux distros using IPTables.
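
The detect-and-block loop described above (watch sshd failed logins, pick out repeat offenders, add a firewall rule), as an added example that is not Brutus-IDS's own Perl code. The log lines are constructed, and the threshold, skip list and function names are assumptions made for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines in the usual OpenSSH syslog format (not real logs).
SAMPLE_LOG = """\
Mar  3 10:01:11 host sshd[811]: Failed password for root from 203.0.113.7 port 40022 ssh2
Mar  3 10:01:13 host sshd[811]: Failed password for invalid user admin from 203.0.113.7 port 40024 ssh2
Mar  3 10:01:15 host sshd[812]: Failed password for invalid user test from 203.0.113.7 port 40030 ssh2
Mar  3 10:02:40 host sshd[820]: Failed password for alice from 198.51.100.20 port 51514 ssh2
Mar  3 10:02:52 host sshd[820]: Accepted password for alice from 198.51.100.20 port 51514 ssh2
Mar  3 10:03:05 host sshd[830]: Failed password for bob from 192.0.2.10 port 33100 ssh2
Mar  3 10:03:07 host sshd[830]: Failed password for bob from 192.0.2.10 port 33102 ssh2
Mar  3 10:03:09 host sshd[830]: Failed password for bob from 192.0.2.10 port 33104 ssh2
"""

# The user-name field is untrusted text, so the pattern is anchored at the end
# of the line: the greedy ".*" makes it take the address sshd itself appended.
FAILED = re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$")

def count_failures(log_text):
    """Return a Counter of failed-login attempts keyed by source IP."""
    counts = Counter()
    for line in log_text.splitlines():
        m = FAILED.search(line)
        if not m:
            continue
        try:
            # Validate before the value can ever reach a firewall command.
            ip = ipaddress.ip_address(m.group(1))
        except ValueError:
            continue
        counts[str(ip)] += 1
    return counts

def offenders(counts, threshold, skip=()):
    """IPs whose count meets the threshold (numeric comparison), minus a skip list."""
    return sorted(ip for ip, n in counts.items() if n >= threshold and ip not in skip)

def block_rules(ips):
    """Build (but do not run) one iptables DROP rule per offending IPv4 address."""
    return [f"iptables -I INPUT -s {ip} -j DROP" for ip in ips
            if ipaddress.ip_address(ip).version == 4]

if __name__ == "__main__":
    hits = offenders(count_failures(SAMPLE_LOG), threshold=3, skip={"192.0.2.10"})
    print("\n".join(block_rules(hits)))
```

The skip list here holds addresses that must never be blocked, such as an administrator's own host; the rules are returned as strings so they can be reviewed or logged before anything touches the firewall.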