Bruteblock allows system administrators to block
various bruteforce attacks on UNIX services. The
program analyzes system logs and adds attackers'
IP addresses into the ipfw2 table, effectively
blocking them. Addresses are automatically removed
from the table after specified amount of time.
Bruteblock uses regular expressions to parse logs,
which gives it enough flexibility to be used with
almost any network service. Bruteblock doesn't use
any external programs and works with ipfw2 tables
via the raw sockets API.