Brute Force Detection

BFD -- Brute Force Detection

BFD is a shell script which parses security logs and detects authentication failures. It is a brute force implementation without much complexity, and it works in conjunction with a APF (Advanced Policy-based Firewall).

## Get the latest source and untar.
# cd /usr/src/utils
# wget http://rfxnetworks.com/downloads/bfd-current.tar.gz
# tar xfz bfd-current.tar.gz
# cd bfd-*
# ./install.sh

Read the README file, and edit the configuration file located in /usr/local/bfd/conf.bfd.
Find ALERT="0" and replace it with ALERT="1"
Find EMAIL_USR="root" and replace it with EMAIL_USR="[email protected]"

Edit /usr/local/bfd/ignore.hosts file, and add your own trusted IPs. BFD uses APF and hence it orverrides allow_hosts.rules, so it is important that you add trusted IP addresses to prevent yourself from being locked out.

## Start the program.
#  /usr/local/sbin/bfd -s

這篇文章有幫助嗎?

 列印本文

Also Read

SPAM

What is Spam? Would you like to... Print this pagePrint this page Email this pageEmail this...

What does MALWARE mean?

For the Wikipedia definition of Malware, please see http://en.wikipedia.org/wiki/MalwareMalware...

Rootkit help

RootKit -- Spyware and Junkware detection and removal toolGo to Rootkit Hunter homepage, and...

My server has been blocked by Abuse. What do I do?

Generally the abuse department will not block your server unless one of the following...

What is a DMCA and how do I file one?

The Digital Millennium Copyright Act (DMCA) is a United States copyright law that implements two...