Intrusion detection under Windows

Hi folks.

Is anyone running an open source intrusion detection system with Seafile self-hosted on Windows?

I’m wondering about the relative merits of Snort/Suricata/Bro IDS or other solutions.

Or is there a simple fail2ban equivalent for Windows that works with the Windows firewall to auto-ban IP’s that have had failed login attempts?

Thinking more about this after standing up an FTP server on a spare machine as a honeypot and seeing how many different IP’s were actively trying to get in to it :slight_smile:

I use Seafile for my self so a basic IDS is all I really need.