NoNox: To help automate the defense of Internet servers against attacks such as dictionary attacks aimed at root

NoNox is intended to help automate the defense of Internet servers against attacks such as dictionary attacks aimed at root. NoNox monitors log files for user-specified trigger patterns. When a pattern is seen enough times in a given file within a given period of time, NoNox will execute a command. The patterns, time limits, files to watch, and commands are all user-specified. For example, if NoNox sees too many failed login attempts from one IP address, it could execute a command that tells a firewall to drop packets from that host, instantly cutting off the attacker.

[Environment]		Console (Text Based)
[Intended Audience]		Advanced End Users, System Administrators
[License]		OSI Approved :: GNU General Public License (GPL)
[Network Environment]		IP
[Operating System]		POSIX :: Linux
[Programming Language]		Java
[Topic]		System :: Logging, System :: Networking :: Firewalls, System :: Systems Administration