
Securing your server against Brute Force attempts


BFD (Brute Force Detection) is a shell script that parses security logs and detects authentication failures. It works in conjunction with APF (Advanced Policy-based Firewall).

Install BFD on a server:

  1. Log in to your server through SSH and switch to the root user: su root
  2. Change directories to the source install location: cd /usr/local/src
  3. Download the BFD script from the main mirror: wget http://rfxnetworks.com/downloads/bfd-current.tar.gz
  4. Extract the script from the compressed tarball. tar xfz bfd-current.tar.gz
  5. Change directory to the newly created BFD directory: cd bfd-*
  6. Run the installer script. ./install.sh
  7. Read the README file, and edit the configuration file located in /usr/local/bfd/conf.bfd. vi /usr/local/bfd/conf.bfd

     - Find ALERT="0" and replace it with ALERT="1"
     - Find EMAIL_USR="root" and replace it with EMAIL_USR=username@yourdomain.com

  8. Add your IP addresses to the ignore.hosts file for BFD so you do not get locked out: vi /usr/local/bfd/ignore.hosts
  9. Start the BFD application: /usr/local/sbin/bfd -s
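
The idea behind the log parsing and the ignore.hosts list described above, as an added example that is not BFD's own code: it counts failed SSH logins per source address and reports those that reach a threshold, unless the address is ignore-listed. The function names, the threshold argument, the log lines and the one-address-per-line ignore format are assumptions made for this example.

```shell
#!/bin/sh
# Added illustration, not BFD's code: count failed SSH logins per source
# address and report those at or above a threshold, minus ignore-listed hosts.

# Constructed sample sshd log lines (documentation-range addresses).
sample_log() {
cat <<'EOF'
Jan 10 03:12:01 host sshd[411]: Failed password for root from 203.0.113.7 port 40112 ssh2
Jan 10 03:12:03 host sshd[411]: Failed password for invalid user admin from 203.0.113.7 port 40113 ssh2
Jan 10 03:12:05 host sshd[412]: Failed password for root from 203.0.113.7 port 40114 ssh2
Jan 10 03:13:40 host sshd[420]: Failed password for alice from 198.51.100.20 port 51000 ssh2
Jan 10 03:13:44 host sshd[420]: Failed password for alice from 198.51.100.20 port 51001 ssh2
Jan 10 03:13:49 host sshd[420]: Failed password for alice from 198.51.100.20 port 51002 ssh2
Jan 10 03:14:02 host sshd[421]: Accepted password for alice from 198.51.100.20 port 51003 ssh2
Jan 10 03:15:10 host sshd[430]: Failed password for root from 192.0.2.55 port 60001 ssh2
EOF
}

# offenders THRESHOLD IGNORE_FILE   (log lines are read from stdin)
# Prints "IP COUNT" for each source with at least THRESHOLD failures.
# THRESHOLD and both function names are hypothetical, chosen for this example.
offenders() {
    awk -v trig="$1" -v ignf="$2" '
        BEGIN {
            # Assumed ignore-file format: one address per line, # for comments.
            while ((getline line < ignf) > 0)
                if (line !~ /^[ \t]*(#|$)/) { split(line, f, " "); ignore[f[1]] = 1 }
        }
        /sshd\[[0-9]+\]: Failed password for / {
            # Anchor on the trailing "from IP port N ssh2" fields, so text
            # inside the username cannot shift which field is read as the IP.
            if ($(NF-4) == "from" && $(NF-2) == "port") fails[$(NF-3)]++
        }
        END {
            for (ip in fails)
                if (fails[ip] >= trig && !(ip in ignore)) print ip, fails[ip]
        }
    ' | sort
}

# Demo: with an empty ignore list, both addresses with 3 failures are reported.
sample_log | offenders 3 /dev/null
```

Passing a file that lists 198.51.100.20 as the second argument removes that address from the output even though it reached the threshold, which is why the ignore.hosts step matters for your own administration addresses.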