SCF Portal Stats

Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43431
  • Total Topics: 16526
  • Online today: 2930
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 1
Guests: 2930
Total: 2931









Post reply

Name:
Email:
Subject:
Message icon:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image

Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

shortcuts: hit alt+s to submit/post or alt+p to preview


Topic Summary

Posted by: Samker
« on: 29. April 2012., 20:23:07 »

Nice work Mike. :thumbsup:

Few additional details about "Dictionary attacks" for SCF members from Wikipedia:

Quote

In cryptanalysis and computer security, a dictionary attack is a technique for defeating a cipher or authentication mechanism by trying to determine its decryption key or passphrase by searching likely possibilities.

...
Source: http://en.wikipedia.org/wiki/Dictionary_attack



... and one, just for "figure out", YT video:

http://www.youtube.com/watch?v=xR8J_jNw2io


Posted by: mikey
« on: 28. April 2012., 22:21:43 »

So how do you handle dictionary attacks?

Until recently, I used automatic scripts to ban sources. Scripts are too slow. So why can't we just build a simple rule set for the firewall?...perhaps like this;

Code: [Select]
iptables -N SSH_BAN
iptables -A INPUT -p tcp --dport 22 -m state --state NEW -j SSH_BAN
iptables -A SSH_BAN -m recent --set --name SSH
iptables -A SSH_BAN -m recent --update --seconds 60 --hitcount 4 --name SSH -j DROP

iptables-save > /etc/sysconfig/iptables

/sbin/service iptables save


The result;

Code: [Select]
[root@bench ~]# iptables -L -v
Chain INPUT (policy ACCEPT 374M packets, 106G bytes)
 pkts bytes target     prot opt in     out     source               destination
 176K   10M SSH_BAN    tcp  --  any    any     anywhere             anywhere            tcp dpt:ssh state NEW

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain OUTPUT (policy ACCEPT 274M packets, 395G bytes)
 pkts bytes target     prot opt in     out     source               destination

Chain SSH_BAN (1 references)
 pkts bytes target     prot opt in     out     source               destination
 176K   10M            all  --  any    any     anywhere             anywhere            recent: SET name: SSH side: source
 164K 9812K DROP       all  --  any    any     anywhere             anywhere            recent: UPDATE seconds: 60 hit_count:
 4 name: SSH side: source
[root@bench ~]#
Works for me. :)

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023