Skip to content

hackman/Hawk-IDS-IPS

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

329 Commits

bin

bin

 
 

builds

builds

 
 

db

db

 
 

etc

etc

 
 

images

images

 
 

lib

lib

 
 

patches

patches

 
 

web-local

web-local

 
 

web

web

 
 

LICENSE

LICENSE

 
 

README

README

 
 

TODO

TODO

 
 

hawk-updater.pl

hawk-updater.pl

 
 

hawk-web.pl

hawk-web.pl

 
 

hawk.init

hawk.init

 
 

hawk.pl

hawk.pl

 
 

Repository files navigation

Hawk is a lightweight log analyzer which was designed to be fast and efficient.

It scans log files on the fly and bans IP that makes too many password failures. 
It adds iptables rules to reject the IP addresses. 
You can define the logfiles.

What makes Hawk better then the other solutions out there is its unique Web Interface and its flexibility.

Hawk currently supports:
  sshd
  dovecot
  courier
  pure-ftpd
  proftpd
  cPanel
  DirectAdmin
  Postfix
  Exim with dovecot auth


Installation CentOS:
1. rpm -Uvh hawk-7.2-1.src.rpm
2. Setup iptables or ipset
2.1. For ipset, create a new ipset and add its name in /etc/hawk/hawk.conf on the ipset_name line.
2.2. For iptables, you can either create the chain by your self and set its name in hawk.conf or you can use /usr/share/hawk/setup_iptables.sh helper script, to do that for you.
3. systemctl start hawk

About

A simple log analyzer which detects bruteforce attempts and prevents them by addin iptables rules.

1h.com/products/hawk

Resources

Readme

License

GPL-2.0 license
Activity

Stars

15 stars

Watchers

5 watching

Forks

3 forks
Report repository

Releases 3

Hawk v7.5 Latest
Nov 27, 2023
+ 2 releases

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages