Propose: make adjustments at login page to make difficult brute force attack.

Today, an intruder can make login tries without any action from Wok.

Possible measures:

Record source port and ip. After 3 tries, block user for 30 seconds and increase the time by each more try. Using source port and ip will avoid errors for connections from NAT networks.


1) ip tries to login as root 3 times and fail
2) A timeout of 30 seconds will be set
3) After that, for 5 minutes, each try will add 30 seconds + x times the trial (60 seconds, 90 seconds. ..)

4) After 5 minutes of the last try, the counter will be reset.


Ramon Nunes Medeiros
Kimchi Developer
Linux Technology Center Brazil
IBM Systems & Technology Group
Phone : +55 19 2132 7878