Abuse IP Atomizer
AIPA (Abuse IP Atomizer) is software that makes use of:
Most of intrusion prevention applications monitors services through their logging activity (e.g. Fail2ban). AIPA is different.
WAF (Web Application Firewall) controls input and output and communication between application and external world (e.g. Modsecurity). AIPA is different.
What exactly AIPA is doing? AIPA checks IP reputation on AbuseIPdb.com, BlockList.de and MyIP.ms, calculates propability of intrusion violation and bans if necessary.
- local database abstraction, editable with any text editor,
- collecting information in defined time period,
- calculating propability with own defined schema,
- logging activity,
- tested on Debian and Ubuntu (Apache 2.2 and 2.4) ,
- PLESK Onyx friendly.
NOTE. AIPA is application written in PHP. It uses netstat and bash (or cron) to run in specified time period. Use it on Your own risk. We give absolutely NO WARRANTY that this kind of software stops all intrusions. (none of Firewalls do).