Hawk Introduction

From Wiki

Jump to: navigation, search

Contents

What is Hawk

The 1H Hawk is an effective and resource-efficient software that will help you eliminate downtime created by brute force attacks directed at your server. Hawk acts as both Intrusion Detection and Intrusion Prevention System actively protecting the server from bruteforce attacks.

Advantages

Analyzes traffic and detects intrusions with minimal resource usage

One of the main advantages of 1H Hawk is that it uses considerably less resources than most similar tools for analyzing incoming traffic. The software's unique design limits the time server resources are used for detecting and blocking malicious attackers instead of being available for the regular server users. Efficient blocking of IPs used for intrusion attempts

Effectively blocks intrusion attempts against all major services

The software is designed not only to analyze traffic and collect data, but also to proactively block attackers who try to brute force client passwords, attempt a denial-of-service attack or simply try to exploit an application running on the server. It allows the server administrator to define how many failed login attempts for what period of time by one IP will be considered a brute force attack and after how many brute force attempts the IP will be blocked. Detailed information in a user-friendly interface

Provides detailed picture of brute force activity and abusive IPs

In the Hawk interface you can easily spot peaks in failed login attempts, see which services exactly were attacked and find information about the activity from each blocked IP. You can check the Hawk Web Interface article for detailed instructions how to use the interface.

Personal tools
Namespaces
Variants
Actions
Navigation
Toolbox