+- Post4VPS Forum | Free VPS Provider (https://post4vps.com)
+-- Forum: Geek World (https://post4vps.com/Forum-Geek-World)
+--- Forum: Scripting & Programming (https://post4vps.com/Forum-Scripting-Programming)
+--- Thread: How to deal with brute force attacks (/Thread-How-to-deal-with-brute-force-attacks)
RE: How to deal with brute force attacks - Conan - 12-06-2016
(12-06-2016, 10:36 AM)Dudi Wrote: OSI 7 layer means application layer, so advanced DDOS firewalls protect against port scanning too
https://hostsailor.com/ddos-protection-and-mitigation/
Port scanning is VERY HARD TO MITIGATE. It's hard to tell if it's a legitimate user or a bot. It just detects multiple attempts which is bruteforcing.
I don't really like the term DDoS firewall. It's just basically a firewall with strong packet filtering function.
Firewalls may protect against DDoS but it doesn't i clude Layer 7 protection MOST OF THE TIME. The resources needed for filtering Layer 7 connections is just too damn high.
EDIT:
Just some more additional info.
Most of the Firewalls that protect against Layer 7 attacks just works on http/https or some other very widely used and attacked protocols.
Please don't rely on those for port scanning protection. They don't protect you from it.
RE: How to deal with brute force attacks - Vuluts - 12-15-2016
Based on the thread, Brute Force attack is different from DDoS attack? Brute Force is a type of attack that continuously attempts to logging in into the server and DDoS is a type of attack thru layers? correct me if I'm wrong brothers.
RE: How to deal with brute force attacks - RickB - 12-15-2016
@Vuluts, that might be an explaination, but "thru layers" is not a really clear clarification in my opinion. I myself imagine it this way:
DDoS: A lot of cars are pushed onto the highway, causing traffic jams (= server down)
Bruteforce: One car is trying to get into someone's garage by continuously trying a different key (every time he uses a different (random) key)
RE: How to deal with brute force attacks - meetdilip - 12-16-2016
A lot of people banging the door = DDoS
Trying different keys to door = Brute force attack
RE: How to deal with brute force attacks - Vuluts - 12-16-2016
@RickB that's exactly what I want to express lol
Follow up question: Does DDoS attack and Brute Force attack can clearly defend 100%?
RE: How to deal with brute force attacks - Conan - 12-17-2016
(12-16-2016, 01:28 PM)Vuluts Wrote: @RickB that's exactly what I want to express lol
Follow up question: Does DDoS attack and Brute Force attack can clearly defend 100%?
DDoS attacks can't be fully mitigated especially layer 7 attacks.
BruteForce can be mitigated by enforcing rate limiting on login pages.
RE: How to deal with brute force attacks - Nova - 12-18-2016
Yes. Thats what I do. limts No. of failed logins to 3 and not using common user names like admin , root etc. Also using long complicated passwords.
RE: How to deal with brute force attacks - Jayce - 12-18-2016
The original poster might have already found the solution though I'll just share what I know in case someone else faces a similar situation and is looking for a solution. I usually disable root user, create a user with my name probably, add it to SUDOers, change SSH port to any other random port, use a complicated password (if not a SSH key-based authentication) and install fail2ban. That's how I secure my VPS. If you haven't done any action to secure your VPS (even if you have no past bruteforce attacks) you should start securing your VPS.
RE: How to deal with brute force attacks - xdude - 12-18-2016
OP was just starting a discussion about the subject telling his experience. So all opinions , suggestions and advice should be helpful to anyone who's viewing the thread.
RE: How to deal with brute force attacks - Arkiven4 - 12-21-2016
I Agree With @Nova . And MayBe Add If 3 times Failed To Logins . Bans Ip Temporaly