sshguard

Description

sshguard can read log messages from standard input (suitable for piping from syslog) or monitor one or more log files. Log messages are parsed, line-by-line, for recognized patterns. If an attack, such as several login failures within a few seconds, is detected, the offending IP is blocked. Offenders are unblocked after a set interval, but can be semi-permanently banned using the blacklist option.

Home page for this solution: https://www.sshguard.net/index.html

A detailed overview is not available for this solution. Check out this solution yourself.

Code repository: https://bitbucket.org/sshguard/sshguard/src/master/