Attacks and intrusions to information systems cause large revenue losses. The prevention of these attacks is not always possible by just considering information from isolated sources of the network. A global view of the whole system is necessary to react against the different actions of such an attack. The design and deployment of a decentralized system targeted at detecting as well as reacting to information system attacks might benefit from the use of the publish/subscribe model. In this paper, we discuss the advantages and convenience in using this communication paradigm for a general decentralized attack prevention framework and overview the design and implementation of our approach by using a combination of two different publish/subscribe middleware products. Furthermore, we present a quantitative evaluation of our approach.