[Kimchi-devel] [RFC] [Wok]  #147 Block authentication request after too many failures

Ramon Medeiros ramonn at linux.vnet.ibm.com
Thu Dec 22 15:59:06 UTC 2016


Proposal: make adjustments to the login page to make brute-force 
attacks more difficult.

Today, an intruder can make login tries without any action from Wok.

Possible measures:

Record the source port and IP. After 3 tries, block the user for 30 seconds 
and increase the time with each additional try. Using the source port and IP 
will avoid errors for connections from NAT networks.

Example:

1) IP 192.168.1.1 tries to log in as root 3 times and fails
2) A timeout of 30 seconds will be set
3) After that, for 5 minutes, each try will add 30 seconds + x times the 
trial (60 seconds, 90 seconds, ...)
4) 5 minutes after the last try, the counter will be reset.

-- 

Ramon Nunes Medeiros
Kimchi Developer
Linux Technology Center Brazil
IBM Systems & Technology Group
Phone : +55 19 2132 7878
ramonn at br.ibm.com
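
The schedule from the example above (30-second block on the third failure, 30 seconds more for each further failure, reset after 5 quiet minutes), as an added sketch that is not part of the original message or of Wok's code. The class and constant names, the caller-supplied key (source IP plus user name here), clearing the counter on a successful login, and never letting the reset cut short a block longer than 5 minutes are assumptions.

```python
import time

BLOCK_AT = 3           # failure count that triggers the first block
BASE_BLOCK = 30        # seconds: first block, and the step added per further failure
RESET_AFTER = 5 * 60   # quiet seconds after the last try before the counter resets


class LoginThrottle:
    """Tracks failed logins per client key and computes escalating blocks."""

    def __init__(self, clock=time.monotonic):
        self._clock = clock
        self._state = {}   # key -> (failures, last_try, blocked_until)

    def _current(self, key, now):
        failures, last_try, blocked_until = self._state.get(key, (0, now, 0.0))
        if failures and now - last_try >= RESET_AFTER and now >= blocked_until:
            # Step 4: quiet for 5 minutes and no block still running (assumption).
            self._state.pop(key, None)
            return 0, now, 0.0
        return failures, last_try, blocked_until

    def retry_after(self, key):
        """Seconds the client must still wait; 0 means an attempt is allowed."""
        now = self._clock()
        _, _, blocked_until = self._current(key, now)
        return max(0.0, blocked_until - now)

    def record_failure(self, key):
        """Count one failed login; return the block (seconds) it triggers."""
        now = self._clock()
        failures, _, _ = self._current(key, now)
        failures += 1
        block = 0
        if failures >= BLOCK_AT:
            # 3rd failure -> 30 s, 4th -> 60 s, 5th -> 90 s, ...
            block = BASE_BLOCK * (failures - BLOCK_AT + 1)
        self._state[key] = (failures, now, now + block)
        return block

    def record_success(self, key):
        """A successful login clears the history for this key (assumption)."""
        self._state.pop(key, None)


if __name__ == "__main__":   # constructed run of the example from the message
    throttle = LoginThrottle()
    key = ("192.168.1.1", "root")
    print([throttle.record_failure(key) for _ in range(5)])
```

The login handler would call `retry_after` before checking the password and refuse the attempt while it is non-zero. Entries are only dropped lazily here, so a deployed version would also bound the size of the table.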
