Propose: make adjustments at login page to make difficult brute
Today, an intruder can make login tries without any action from Wok.
Record source port and ip. After 3 tries, block user for 30
seconds and increase the time by each more try. Using source port
and ip will avoid errors for connections from NAT networks.
1) ip 192.168.1.1 tries to login as root 3 times and fail
2) A timeout of 30 seconds will be set
3) After that, for 5 minutes, each try will add 30 seconds + x times the trial (60 seconds, 90 seconds. ..)
4) After 5 minutes of the last try, the counter will be reset.
-- Ramon Nunes Medeiros Kimchi Developer Linux Technology Center Brazil IBM Systems & Technology Group Phone : +55 19 2132 7878 firstname.lastname@example.org