Hi Ramon,yep
On 12/22/2016 01:59 PM, Ramon Medeiros wrote:
Propose: make adjustments at login page to make difficult brute force attack.
Today, an intruder can make login tries without any action from Wok.
Possible measures:Record source port and ip. After 3 tries, block user for 30 seconds and increase the time by each more try. Using source port and ip will avoid errors for connections from NAT networks.
Example:
1) ip 192.168.1.1 tries to login as root 3 times and fail
You will consider ip and port, right? So when ip and port tries to login as root 3 times and fail...
yep. based on ip and port2) A timeout of 30 seconds will be set
Does that mean the user will not be allowed to perform a login action for 30 seconds?
3) After that, for 5 minutes, each try will add 30 seconds + x times the trial (60 seconds, 90 seconds. ..)
Not sure I got what you want here. After the 30 seconds block, the user will be able to try to login again.
How many attempts he/she can try to login again before get blocked?
Will he/she get blocked for 5 minutes in the second round of attempts?
4) After 5 minutes of the last try, the counter will be reset.
-- Ramon Nunes Medeiros Kimchi Developer Linux Technology Center Brazil IBM Systems & Technology Group Phone : +55 19 2132 7878 ramonn@br.ibm.com
_______________________________________________ Kimchi-devel mailing list Kimchi-devel@ovirt.org http://lists.ovirt.org/mailman/listinfo/kimchi-devel
-- Ramon Nunes Medeiros Kimchi Developer Linux Technology Center Brazil IBM Systems & Technology Group Phone : +55 19 2132 7878 ramonn@br.ibm.com