GitHub - hackman/Hawk-IDS-IPS: A simple log analyzer which detects bruteforce attempts and prevents them by addin iptables rules.

3 Branches 6 Tags

Name	Name	Last commit message	Last commit date
Latest commit Marian Marinov builds/hawk-centos7.spec: Fixes for the install and upgrade processes Nov 27, 2023 f9d72b7 · Nov 27, 2023 History 329 Commits
bin	bin	bin/setup_iptables.sh: Make sure the chain is dynamic	Oct 10, 2023
builds	builds	builds/hawk-centos7.spec: Fixes for the install and upgrade processes	Nov 27, 2023
db	db	Rename the MySQL and PgSQL SQL files for better consistency	Oct 10, 2023
etc	etc	hawk.conf: Added the new service id(9) for the WHM service	Nov 27, 2023
images	images	Added the image that is used by the web interface to the git.	Nov 1, 2010
lib	lib	lib/parse_config.pm: This is used as external library to parse config…	Jan 1, 2023
patches	patches	Replace all 1h paths with system default paths that would match most	Dec 30, 2022
web-local	web-local	web-local/hawk.pl: Fix paths	Dec 30, 2022
web	web	Fixed permissions for hawk-master.pl and templates.pl. They were not …	Jan 1, 2023
LICENSE	LICENSE	LICENSE: License changed to GPLv2	Jan 28, 2011
README	README	README: Added CentOS installation istructions	Oct 10, 2023
TODO	TODO	TODO: logrotate	Oct 10, 2023
hawk-updater.pl	hawk-updater.pl	hawk-updater.pl: Updated the query for listing the servers	Dec 30, 2022
hawk-web.pl	hawk-web.pl	Replace all 1h paths with system default paths that would match most	Dec 30, 2022
hawk.init	hawk.init	Replace all 1h paths with system default paths that would match most	Dec 30, 2022
hawk.pl	hawk.pl	hawk.pl: Update in the cpanel_broot() function	Nov 27, 2023

Repository files navigation

Hawk is a lightweight log analyzer which was designed to be fast and efficient.

It scans log files on the fly and bans IP that makes too many password failures. 
It adds iptables rules to reject the IP addresses. 
You can define the logfiles.

What makes Hawk better then the other solutions out there is its unique Web Interface and its flexibility.

Hawk currently supports:
  sshd
  dovecot
  courier
  pure-ftpd
  proftpd
  cPanel
  DirectAdmin
  Postfix
  Exim with dovecot auth


Installation CentOS:
1. rpm -Uvh hawk-7.2-1.src.rpm
2. Setup iptables or ipset
2.1. For ipset, create a new ipset and add its name in /etc/hawk/hawk.conf on the ipset_name line.
2.2. For iptables, you can either create the chain by your self and set its name in hawk.conf or you can use /usr/share/hawk/setup_iptables.sh helper script, to do that for you.
3. systemctl start hawk