agentsmith is a daemon that continuously monitors a log file for break-in attempts by remote hosts. Upon detection of a break-in attempt, it launches a user-defined script or application, which can do virtually anything, from sending mail to whatever you might think of. For example, it can monitor:
- mail logs and block spammers right away
- firewall logs and block malicious hosts
- logs for brute-force login attempts using ssh and block them
The criteria for what is considered a break-in attempt are configured by means of a regular expression.
It runs on Solaris, OpenBSD, FreeBSD, and Linux and requires only the PCRE library as an external dependency.
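The sketch below is an added example, not agentsmith code or its configuration syntax. It shows how a regular-expression criterion for failed ssh logins can be anchored and its captured host validated before an action runs. It assumes OpenSSH-style log lines; the sample lines and the names `PATTERN`, `offending_host`, `scan` and `demo_action` are constructed for illustration.

```python
import ipaddress
import re

# Constructed sshd-style log lines (sample data for this example only).
SAMPLE_LOG = [
    "Jan 12 03:14:07 gw sshd[4121]: Failed password for root from 203.0.113.7 port 51122 ssh2",
    "Jan 12 03:14:09 gw sshd[4121]: Failed password for invalid user admin from 203.0.113.7 port 51130 ssh2",
    "Jan 12 03:15:40 gw sshd[4188]: Accepted publickey for alice from 198.51.100.23 port 40022 ssh2",
    # The user name is supplied by the remote side and may itself contain "from <addr>".
    "Jan 12 03:16:02 gw sshd[4203]: Failed password for invalid user x from 192.0.2.1 from 203.0.113.9 port 51200 ssh2",
]

# Anchored at the end of the line: the host is the token right before
# "port N ssh2", so text earlier in the line cannot shift the capture.
PATTERN = re.compile(r"sshd\[\d+\]: Failed password for .* from (\S+) port \d+ ssh2$")


def offending_host(line):
    """Return the remote address if the line matches the criterion, else None."""
    m = PATTERN.search(line)
    if m is None:
        return None
    try:
        # Only a syntactically valid IP address is handed on to the action.
        return str(ipaddress.ip_address(m.group(1)))
    except ValueError:
        return None


def scan(lines, action):
    """Call action(host) once per matching line and return the hosts seen."""
    hosts = []
    for line in lines:
        host = offending_host(line)
        if host is not None:
            action(host)
            hosts.append(host)
    return hosts


def demo_action(host):
    # Stand-in for the user-defined script; a real one might add a firewall rule.
    print("would block", host)


if __name__ == "__main__":
    scan(SAMPLE_LOG, demo_action)
```

For the fourth sample line, the anchored pattern reports the connecting address `203.0.113.9` rather than the address embedded in the user name.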