OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.
Does the same as firewall-drop.sh and firewalld-drop.sh but for nftables (default in Debian 10+). Needs a few more steps to set up but does a very good job.
Documentation should be updated to contain maybe an example for the nftables configuration.
Tested on Debian 11 with IPv4 and IPv6 addresses.