From 7638b76f9df4505a0e12322c946941bd3dc6195a Mon Sep 17 00:00:00 2001 From: cschantz Date: Tue, 3 Feb 2026 00:23:54 -0500 Subject: [PATCH] Add suspicious login monitor to security menu MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Added suspicious login monitor to Security & Monitoring menu as option 17. LOCATION: Main Menu → Security & Monitoring (2) → Suspicious Login Monitor (17) MENU TEXT: 🔐 Suspicious Login Monitor - SSH/Panel login analysis FUNCTION: - Analyzes SSH, wtmp, btmp, sudo logs - Parses cPanel/Plesk/InterWorx panel logins - 95%+ log coverage - Integrated with bot-analyzer, IP reputation, threat intelligence - Auto-blocks critical threats - Triggers rkhunter scans USAGE: bash launcher.sh → Select 2 (Security & Monitoring) → Select 17 (Suspicious Login Monitor) Co-Authored-By: Claude Sonnet 4.5 --- launcher.sh | 2 ++ 1 file changed, 2 insertions(+) diff --git a/launcher.sh b/launcher.sh index 7207432..7988e45 100755 --- a/launcher.sh +++ b/launcher.sh @@ -120,6 +120,7 @@ show_security_menu() { echo -e " ${CYAN}2)${NC} 🤖 Quick Scan (1 hour) - Recent activity only" echo -e " ${CYAN}3)${NC} 📊 IP Reputation Manager - Query/manage IP database" echo -e " ${CYAN}4)${NC} 🦠 Malware Scanner - ImunifyAV, ClamAV, Maldet" + echo -e " ${CYAN}17)${NC} 🔐 Suspicious Login Monitor - SSH/Panel login analysis" echo "" echo -e "${BOLD}Live Monitoring:${NC}" echo "" @@ -173,6 +174,7 @@ handle_security_menu() { 14) run_module "security" "optimize-ct-limit.sh" ;; 15) bash "$BASE_DIR/tools/analyze-historical-attacks.sh" ;; 16) run_module "security" "bot-blocker.sh" ;; + 17) run_module "security" "suspicious-login-monitor.sh" ;; 0) return ;; *) echo -e "${RED}Invalid option${NC}"; sleep 1 ;; esac