Configure Brute Force Detection

You are here: Index > Webuzo > General Support > Topic : Configure Brute Force Detection

Threaded Mode | Print

Configure Brute Force Detection (4 Replies, Read 23140 times)

peopleinside	# September 6, 2014, 3:35 pm
Group: Member Post Group: Super Member Posts: 1394 Status: Open source, web and security passionate	Hi, i have installed Brute Force Detection, i see in the config file via SSH i should inser my email adress for notification, there are other options who i have to edit or this module is alredy active by default after installing it? Thanks ----------------------- PeopleInside Web, security, open source passionate.
IP: --

Configure Brute Force Detection

peopleinside	# September 6, 2014, 5:20 pm \| Post: 1
Group: Member Post Group: Super Member Posts: 1394 Status: Open source, web and security passionate	VERY IMPORTANT: Some minutes after set up my email address for notification and i receve an email with 35 fail login attemps from IP of CINA who try to log in into SSH with different username admin and root. So it's very important Webuzo make more easy to set up notification email when user install this module or show install confirmation message with link for let user know how to setup notification. A question: In the email log i can see 35 failed login attemps.. For default setting after with number IP is banned if log in fails? Question 1: How i can check ban list od Brute Force Detection? Thanks I want to look into log for know what appen before today is one year i have Brute Force with no email alert set up.. Now i discover this i have turned off SSH and FTP access.. Question 2: Also Brute Force detection works, monitor and block attachs in FTP access too or only access to SSH? Question 3: If also FTP is Brute Force protected, maybe is possibile to have FTP access enabled and SSH disabled (now - from what i see is not possibile) maybe can be possibile in the future if this has sense for have SSH disabled but FTP enabled if there is no Brute Force attach notification problem? For example now i have discovered my SSH is under attack so i disabled it, if Brute force notifly me attach of FTP i will turn this one also off.. for now i see only one button who disabled FTP and SSH Thanks. ----------------------- PeopleInside Web, security, open source passionate.
IP: --

Configure Brute Force Detection

peopleinside	# September 6, 2014, 5:58 pm \| Post: 2
Group: Member Post Group: Super Member Posts: 1394 Status: Open source, web and security passionate	I have made a mistake. If you disable SSH you don't disabled FTP but i use SFTP so it's normal if i disable SSH SFTP are not avaiable. My mistake. ----------------------- PeopleInside Web, security, open source passionate.
IP: --

Configure Brute Force Detection

peopleinside	# September 6, 2014, 6:45 pm \| Post: 3
Group: Member Post Group: Super Member Posts: 1394 Status: Open source, web and security passionate	Question 3 not need a reply. New Question 4: There is a way to monitor all success log in attemp in SSH? I have read it's possibile with DenyHost (http://www.tecmint.com/5-best-practices-to-secure-and-protect-ssh-server/) After how many faliture attemps Brute Force ban an IP.. i don't understand why my log email alerted me of 35 failed login attemps from same IP.. maybe i have to check a settings where the BAN is set? thnaks for the patience and the reply ----------------------- PeopleInside Web, security, open source passionate.
IP: --

Configure Brute Force Detection

valley	# September 9, 2014, 6:26 am \| Post: 4
Group: Webuzo Team Post Group: Super Member Posts: 1644 Status:	Sir you can check the logs here /var/log/bfd_log You can learn more about BFD from their official site https://www.rfxn.com/projects/linux-environment-security/ ----------------------- Webuzo : Single User Control Panel Join Webuzo : Facebook Twitter
IP: --

« Previous Next »

Threaded Mode | Print

Jump To :

Users viewing this topic
	1 guests, 0 users.

All times are GMT. The time now is April 16, 2024, 11:16 pm.

Powered By AEF 1.0.8 © 2007-2008 Electron Inc.

Queries: 11 | Page Created In:0.026