cschantz/Linux-Server-Management-Toolkit
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
4ea982b1195140de368ce70bbf6f8dac776ff928
Linux-Server-Management-Too…/modules/security
T
History
cschantz 4ea982b119 FIX: Update threshold logic to use hits from persistent storage 
The 'hits' variable is now loaded from central ip_data file,
which survives monitor restarts. This is the persistent lifetime
detection count we need for the adaptive threshold.

Threshold adaptation now works correctly:
- 10+ lifetime hits: threshold = 1 (auto-block any SYN activity)
- 5-9 lifetime hits: threshold = 1 (lower from 3)
- 3-4 lifetime hits: threshold = 2 (lower from 3)
- 2 lifetime hits: threshold = 2 (lower from 3)
- 1st detection: threshold = 3 (baseline)

This enables tracking IPs that probe 5-10 times over days at low levels.

Co-Authored-By: Claude Haiku 4.5 <noreply@anthropic.com>
2026-03-06 23:04:10 -05:00
..
bot-analyzer.sh
Standardize bot-analyzer.sh menu validation and improve input handling
2026-02-11 22:45:04 -05:00
bot-blocker.sh
Standardize bot-blocker.sh menu validation, colors, and yes/no prompts
2026-02-17 18:42:04 -05:00
enable-cphulk.sh
Fix cPHulk to use SQLite database instead of MySQL
2025-12-11 17:01:17 -05:00
firewall-activity-monitor.sh
Initial commit: Server Management Toolkit v2.0
2025-11-03 18:21:40 -05:00
ip-reputation-manager.sh
Fix final 10 HIGH integer comparisons in live-attack-monitor and ip-reputation-manager
2025-12-03 20:12:20 -05:00
live-attack-monitor-v2.sh
FIX: Update threshold logic to use hits from persistent storage
2026-03-06 23:04:10 -05:00
live-attack-monitor.sh
Add immediate blocking for RCE and critical web exploits
2026-02-20 23:04:35 -05:00
malware-scanner.sh
Standardize malware-scanner.sh menu validation, colors, and yes/no prompts
2026-02-17 18:42:50 -05:00
optimize-ct-limit.sh
Fix remaining AWK-UNINIT issues in bot-analyzer and network analysis
2026-02-07 02:50:34 -05:00
ssh-attack-monitor.sh
Initial commit: Server Management Toolkit v2.0
2025-11-03 18:21:40 -05:00
suspicious-login-monitor.conf.example
MAJOR: Add advanced false positive reduction - whitelists, admin context, temporal analysis
2026-02-03 02:13:10 -05:00
suspicious-login-monitor.sh
Fix TYPE-MISMATCH and AWK-UNINIT issues in email analysis scripts
2026-02-07 02:43:07 -05:00
tail-apache-access.sh
CRITICAL FIX: Update InterWorx log file name from access_log to transfer.log
2025-11-20 15:50:45 -05:00
tail-apache-error.sh
REFACTOR: Class B modules - Multi-panel log discovery
2025-11-19 20:06:50 -05:00
tail-mail-log.sh
Initial commit: Server Management Toolkit v2.0
2025-11-03 18:21:40 -05:00
tail-secure-log.sh
Initial commit: Server Management Toolkit v2.0
2025-11-03 18:21:40 -05:00
web-traffic-monitor.sh
CRITICAL FIX: Update InterWorx log file name from access_log to transfer.log
2025-11-20 15:50:45 -05:00