Hello *.*,
Lately my Synchronet BBS has been suffering brute force attacks that are more persistent than usual, fortunately without success for them. I am trying to harden the BBS as much as possible and a question arises:
I have many login attempts with wrong usernames. I think that the BBS brute force defenses only count failed login attempts when a user fails their password.
If that's Synchronet behaviour, then it would have two problems:
* An attacker can still bash the BBS by just using wrong usernames that result in 'Unknown User'.
* An attacker can also infinitely test different usernames so he can get information about who is an actual user on the BBS and afterwards try brute force (brute force is useless if you don't even know the username).
Is it possible to ban these connection attempts that end with the 'Unknown User' result?
Richard Williamson wrote to Karloch <=-
I have it set for things that are single line but I hear you can multi line it
Yes, that's how it already works. http://wiki.synchro.net/howto:block-hackers