Detecting server abuse

monitoring denial-of-service

I think you're looking for an Intrusion Detection System (IDS), or maybe an Intrusion Prevention System (IPS). Have you looked at Snort?


CSF/LFD (http://www.configserver.com/cp/csf.html) are fantastic (and free!) and work great with cPanel boxes. It also works just fine on non-cPanel boxes.

Takes less than 5 minutes to setup on your existing box. Tweak the defaults for your environment and it'll automatically block IPs and/or kill processes that go beyond the bounds you set, and send you an email of what it did.

Related

Change domain password from non-domain computer (AD)
Why would Windows Server not respond to DHCP DISCOVER?
How do you verify a restore?
Looking for a tool to plan network/vlan topologies [closed]
Can enabling a RAID controller's writeback cache harm overall performance?
Why do web sites in IIS7/7.5 have ASP.NET ISAPI filters enabled by default?
How do I assign a public IP to a machine behind a pfSense box using 1:1 NAT?
pfsense log file retention
Why do I have so many apache2 processes?
Keystone vs. Feed-Thru vs. Punchdown Patch Panels
Using an allowed user list with VSFTPD
How can we keep an organized inventory of server hardware, virtual guests, software licenses and associated services?