Suggestion "Bruteforce"

Discussion in 'Tomato Firmware' started by kthaddock, Apr 9, 2011.

  1. kthaddock

    kthaddock Network Guru Member

    I have a suggestion regarding Bruteforce.
    I have used Toastman 1.28 7462 for a couple of days and it's working fine.
    From what I have seen, the prog is using a non-optimal brute protect. If someone gets banned you can't log in to ports 21, 22 and 23; you have to wait.
    If you use this code you can use ftp, telnet and ssh under "attack". This function is implemented in dd-wrt and is working just fine.

    When I connect to the FTP server and set "Limit Connection Attempts" to 4--60, I can browse folders 4 times and then I have to wait 60 sec before I can connect again, even if I'm logged in to my account.

    bruteprotect chain
    -A bruteprotect -m recent --set --name BRUTEFORCE --rsource
    -A bruteprotect -m recent ! --update --seconds 60 --hitcount 4 --name BRUTEFORCE --rsource -j RETURN
    -A bruteprotect -j LOG --log-prefix "[DROP BRUTEFORCE] : " --log-tcp-options --log-ip-options
    -A bruteprotect -j DROP
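
Added example, not part of the original post and not Tomato or dd-wrt code: a shell helper that summarises the kernel log lines written by the chain's LOG rule (prefix "[DROP BRUTEFORCE] : ") into drop counts per source address and destination port. The function names, the documentation-range addresses and the abbreviated log lines are constructed for illustration.

```shell
#!/bin/sh
# Constructed, abbreviated syslog lines in the shape the LOG rule produces;
# the addresses come from the documentation ranges.
sample_log() {
    cat <<'EOF'
Apr  9 20:01:02 router kernel: [DROP BRUTEFORCE] : IN=vlan1 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=60 TTL=51 PROTO=TCP SPT=40112 DPT=22 SYN URGP=0
Apr  9 20:01:03 router kernel: [DROP BRUTEFORCE] : IN=vlan1 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=60 TTL=51 PROTO=TCP SPT=40113 DPT=22 SYN URGP=0
Apr  9 20:01:05 router kernel: [DROP BRUTEFORCE] : IN=vlan1 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=60 TTL=51 PROTO=TCP SPT=40114 DPT=22 SYN URGP=0
Apr  9 20:01:06 router kernel: [DROP BRUTEFORCE] : IN=vlan1 OUT= SRC=198.51.100.9 DST=192.0.2.1 LEN=60 TTL=48 PROTO=TCP SPT=51500 DPT=21 SYN URGP=0
Apr  9 20:01:08 router kernel: [DROP BRUTEFORCE] : IN=vlan1 OUT= SRC=203.0.113.7 DST=192.0.2.1 LEN=60 TTL=51 PROTO=TCP SPT=40115 DPT=23 SYN URGP=0
Apr  9 20:01:09 router dnsmasq[112]: unrelated line that must be ignored SRC=10.0.0.1 DPT=53
Apr  9 20:01:10 router kernel: [DROP BRUTEFORCE] : IN=vlan1 OUT= SRC=198.51.100.9 DST=192.0.2.1 LEN=60 TTL=48 PROTO=TCP SPT=51501 DPT=21 SYN URGP=0
EOF
}

# Hypothetical helper: reads syslog text on stdin and prints
# "<drops> <source-ip> <dest-port>", busiest source/port pair first.
summarize_bruteforce() {
    awk '
        # Skip anything that was not logged by the bruteprotect LOG rule.
        index($0, "[DROP BRUTEFORCE] : ") == 0 { next }
        {
            src = ""; dpt = ""
            # Take the first SRC= and DPT= fields of the logged packet.
            for (i = 1; i <= NF; i++) {
                if (src == "" && $i ~ /^SRC=/) src = substr($i, 5)
                else if (dpt == "" && $i ~ /^DPT=/) dpt = substr($i, 5)
            }
            if (src != "" && dpt != "") count[src " " dpt]++
        }
        END { for (k in count) print count[k], k }
    ' | sort -k1,1nr -k2,2 -k3,3n
}

# Stand-alone run over the constructed sample.
sample_log | summarize_bruteforce
```
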
  2. kthaddock

    kthaddock Network Guru Member

    Toastman, isn't this interesting?
