Looking for a tool detecting abusing IPs


Bro can cope with your requirements.
You just need to write a policy script to handle that.
You declare global variables to count connexion attemps to your servers.
You should take a look at the policy script “signatures.bro”. There is an example
to detect vertical and horizontal scans.

Hope it’s helpful.

R. Alahassa