Automatic and distributed "iptables drop": Advice?
I’ve just published a project on GitHub called “SECTHEMALL” (https://github.com/SECTHEMALL/secthemall). It distributes and syncs a blacklist on all your Linux servers using iptables. It can store your logs on the secthemall.com cloud and lets you create rules or get graphical reports.
The purpose is to block brute-force attacks, port scans, web vulnerability scans, etc., and to distribute all iptables rules, allowing you to block all potential attackers on all your servers preemptively.
If anyone has advice, parser requests, or any kind of idea, please let me know! At this time the project is in beta.