ClearOS Documentation



301 error for file:

User Tools

Site Tools

Attack Detector

The Attack Detector app scans your system for authentication failures across various types of services installed on your system. If the failure threshold is reached, the app will block the attacking system. For example, it is a common tactic for spammers to guess a valid username/password combination for sending unsolicited outbound mail. The Attack Detector detects the failed login attempts and actively blocks the spammer.


If your system does not have this app available, you can install it via the Marketplace.

You can find this feature in the menu system at the following location:

Gateway|Intrusion Protection|Attack Detector


The following apps provide rule sets for the Attack Detector app:

  • SSH Server
  • FTP Server
  • SMTP Server
  • IMAP Server

If you have one of the above apps installed, you will see corresponding Attack Detector rules in the configuration interface. You can enable and disable any of these rules using the web-based interface.


The Attack Detector also provides a report of blocked IP addresses.

Technical Note

The Attack Detector app is powered by fail2ban.

content/en_us/7_ug_attack_detector.txt · Last modified: 2016/03/24 13:49 by pbaldwin