Íàñòðîéêà brute force protection íà ðîóòåðå

**MrGalaxy** · 17-02-2010, 16:55

Originally Posted by al37919

Çàùèòà ðåàãèðóåò íà óñòàíîëåíèå ñîåäèíåíèÿ, à íå íà ââîä ïàðîëÿ. Áîëåå òîãî, äëÿ íåå íåâàæíî áûë ââåäåí êîððåêòíûé ïàðîëü èëè íåò.

Äîïóñòèì òàê. Êàê âèäíî ïî ìîåìó ñêðèíó èç 1-ãî ïîñòà, ó ìåíÿ íàñòðîåíî íà 5 ïîïûòîê â òå÷åíèå 600 ñ. ß ñäåëàë áîëüøå è çàïðîñ ïàðîëÿ âñ¸-ðàâíî âîçíèêàë ó ìåíÿ.
Òàê ÷òî ó ìåíÿ íåïðàâèëüíî?

ÇÛ: Êóäà-òî èñ÷åç ñêðèí, áëèí, â êîñìîñ, ÷òî-ëè èñïàðèëñÿ...
Âîò ïîâòîðÿþ:

**getikalex** · 28-08-2010, 21:01

Ñîáñòâåííî ñàáæ. Äëÿ ðîóòåðà, êîòîðûé êðóòèò èíåò 24/7 ñîôò òèïà áðóòà (ïîäáîðà ïàðîëåé ê ÿùèêàì è ñåðâèñàì) - ïðîñòî äîëæåí áûòü ðîäíûì. Òåì áîëåå ïîä ëèíóêñ åñòü ëó÷øèå âàðèàíòû, è ðåñóðñîâ îñîáûõ íå íàäî. (Íàñêîëüêî ÿ ïîíèìàþ ìîæíî îáîéòèñü êîììàíäíîé ñòðîêîé áåç ãðàôèêè)
Îñîáåííî õâàëÿò Hydra. Èñõîäíèêè âûëîæåíû. Íî â ëîá ñêîìïèëèðîâàòü ïîä ðîóòåð íå ïîëó÷èëîñü. Ìîæåò êòî ñïîäîáèòñÿ äîïèëÿòü íàïèëüíèêîì ?
À ìîæåò ãäå áûëî íà ôîðóìå ÷òî-òî ïîäîáíîå ? ïðîøó òêíóòü íîñîì, ñàì íå íàøåë.

ñì. ïî òåìå:
http://freeworld.thc.org/thc-hydra/
http://hacker-pro.net/archive/index.php/t-2971.html

PS. Ïîíÿòíî, ÷òî ïðîãè òàêîãî ðîäà íå ñîâñåì äæåíòåëüìåíñêèå, íî èíîãäà íàäî, ïðè÷åì íå îáÿçàòåëüíî ñî çëûì óìûñëîì.

**alegzz** · 28-08-2010, 21:38

ñòðàííî, âñå ñîáèðàåòñÿ...

**Parkinstein** · 28-08-2010, 22:23

Originally Posted by getikalex

Ñîáñòâåííî ñàáæ. Äëÿ ðîóòåðà, êîòîðûé êðóòèò èíåò 24/7 ñîôò òèïà áðóòà (ïîäáîðà ïàðîëåé ê ÿùèêàì è ñåðâèñàì) - ïðîñòî äîëæåí áûòü ðîäíûì. Òåì áîëåå ïîä ëèíóêñ åñòü ëó÷øèå âàðèàíòû, è ðåñóðñîâ îñîáûõ íå íàäî. (Íàñêîëüêî ÿ ïîíèìàþ ìîæíî îáîéòèñü êîììàíäíîé ñòðîêîé áåç ãðàôèêè)
Îñîáåííî õâàëÿò Hydra. Èñõîäíèêè âûëîæåíû. Íî â ëîá ñêîìïèëèðîâàòü ïîä ðîóòåð íå ïîëó÷èëîñü. Ìîæåò êòî ñïîäîáèòñÿ äîïèëÿòü íàïèëüíèêîì ?
À ìîæåò ãäå áûëî íà ôîðóìå ÷òî-òî ïîäîáíîå ? ïðîøó òêíóòü íîñîì, ñàì íå íàøåë.

ñì. ïî òåìå:
http://freeworld.thc.org/thc-hydra/
http://hacker-pro.net/archive/index.php/t-2971.html

PS. Ïîíÿòíî, ÷òî ïðîãè òàêîãî ðîäà íå ñîâñåì äæåíòåëüìåíñêèå, íî èíîãäà íàäî, ïðè÷åì íå îáÿçàòåëüíî ñî çëûì óìûñëîì.

Ìîæåò ÒÓÒ ÷òî ïîëåçíîå îòûùåòñÿ?..

**getikalex** · 29-08-2010, 13:06

Âðîäå äîáèë åå êîìïèëÿöèþ ïî ìàíóàëó Parkinstein è çàïóñòèë !
Áóäó òåñòèòü...

**rutony** · 01-01-2009, 16:35

Code:

an  1 16:24:47 vsftpd[985]: [christina] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:24:49 vsftpd[985]: [christina] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:24:50 vsftpd[985]: [christina] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:24:52 vsftpd[996]: CONNECT: Client "209.203.14.50"
Jan  1 16:24:53 vsftpd[995]: [christine] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:24:55 vsftpd[995]: [christine] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:24:56 vsftpd[995]: [christine] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:24:58 vsftpd[1000]: CONNECT: Client "209.203.14.50"
Jan  1 16:24:58 vsftpd[999]: [christopher] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:00 vsftpd[999]: [christopher] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:01 vsftpd[999]: [christopher] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:03 vsftpd[1002]: CONNECT: Client "209.203.14.50"
Jan  1 16:25:03 vsftpd[1001]: [christy] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:05 vsftpd[1001]: [christy] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:06 vsftpd[1001]: [christy] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:09 vsftpd[1007]: CONNECT: Client "209.203.14.50"
Jan  1 16:25:09 vsftpd[1006]: [chuck] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:11 vsftpd[1006]: [chuck] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:13 vsftpd[1006]: [chuck] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:14 vsftpd[1010]: CONNECT: Client "209.203.14.50"
Jan  1 16:25:15 vsftpd[1009]: [cindy] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:16 vsftpd[1009]: [cindy] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:18 vsftpd[1009]: [cindy] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:19 vsftpd[1014]: CONNECT: Client "209.203.14.50"
Jan  1 16:25:20 vsftpd[1013]: [claire] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:22 vsftpd[1013]: [claire] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:24 vsftpd[1013]: [claire] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:25 vsftpd[1017]: CONNECT: Client "209.203.14.50"
Jan  1 16:25:26 vsftpd[1016]: [clarence] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:28 vsftpd[1016]: [clarence] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:29 vsftpd[1016]: [clarence] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:31 vsftpd[1020]: CONNECT: Client "209.203.14.50"
Jan  1 16:25:31 vsftpd[1019]: [clarissa] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:33 vsftpd[1019]: [clarissa] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:34 vsftpd[1019]: [clarissa] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:36 vsftpd[1023]: CONNECT: Client "209.203.14.50"
Jan  1 16:25:37 vsftpd[1022]: [clark] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:38 vsftpd[1022]: [clark] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:40 vsftpd[1022]: [clark] FAIL LOGIN: Client "209.203.14.50"
Jan  1 16:25:41 vsftpd[1025]: CONNECT: Client "209.203.14.50"
Jan  1 16:25:42 vsftpd[1024]: [claudia] FAIL LOGIN: Client "209.203.14.50"

êàê ÿ ïîíèìàþ, ñóäÿ ïî ëîãó ïûòàþòñÿ ïîäîáðàòü ïàðîëü ê ðîóòåðó, â ÷àñòíîñòè ê ôòï

ñîîáñòâåííî âîçíèêàåò âîïðîñ, êàê ìàêñèìàëüíî îáåçîïàñèòü,
1. êàê ïîìåíÿòü ïàðîëè äëÿ ê telnet, ssh?
2. êàêèå ïðàâèëà ïðîïèñàòü â iptables, îò íàçîéëèâûõ áðóòôîðñåðîâ?

**chyvack** · 01-01-2009, 17:52

http://wl500g.info/showpost.php?p=69964&postcount=63
http://wl500g.info/showthread.php?t=16753&highlight=ssh

**TReX** · 26-09-2011, 23:05

Ãîñïîäà ðàçðàáîò÷èêè ïîïðàâüòå åñëè ÿ íå ïðàâ -

Code:

Chain SECURITY (0 references)
target     prot opt source               destination         
RETURN     tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/SYN limit: avg 1/sec burst 5 
RETURN     tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,RST,ACK/RST limit: avg 1/sec burst 5 
RETURN     udp  --  anywhere             anywhere            limit: avg 5/sec burst 5 
RETURN     icmp --  anywhere             anywhere            limit: avg 5/sec burst 5 
RETURN     ipv6 --  anywhere             anywhere            
DROP       all  --  anywhere             anywhere

Äåôîóëòíûå çíà÷åíèÿ Chain SECURITY, à â êàêèõ ñëó÷àÿõ îíè ñðàáàòûâàþò? Input, Output, Forward ýòî ïîíÿòíî, à âîò ýòè? Ïðîñòî íå ïîïàäàåò ëè ñþäà ïèðèíãîâûé òðàôèê ÷åðåç WAN/MAN?

**Basile** · 27-09-2011, 17:31

Originally Posted by TReX

<...> Äåôîóëòíûå çíà÷åíèÿ Chain SECURITY, à â êàêèõ ñëó÷àÿõ îíè ñðàáàòûâàþò? <...>

Ïî-ìîåìó îíè ñðàáàòûâàþò, êîãäà íà ñòðàíèöå Internet Firewall - Basic Config óñòàíîâëåíà çàùèòà îò áðóòôîðñà FTP è/èëè SSH.

Åñëè öåïî÷êà "SECURITY" èñïîëüçóåòñÿ, òî íà íå¸ äîëæíû áûòü ïåðåõîäû. Åñëè êîìàíäà íèæå ÷òî-òî âûäàñò, çíà÷èò èñïîëüçóåòñÿ:

Code:

iptables-save | grep -e "-j SECURITY"

**TReX** · 27-09-2011, 19:53

Originally Posted by BcTpe4HbIu

.

Ñïàñèáî, çà ñòîëü ïîëíûé è áåñïîëåçíûé îòâåò ) Ìåíÿ èíòåðåñîâàë èìåííî ÷àèí ñåêüþðåòè íà ðîóòåðå )

Originally Posted by Basile

Ïî-ìîåìó îíè ñðàáàòûâàþò, êîãäà íà ñòðàíèöå Internet Firewall - Basic Config óñòàíîâëåíà çàùèòà îò áðóòôîðñà FTP è/èëè SSH.

Åñëè öåïî÷êà "SECURITY" èñïîëüçóåòñÿ, òî íà íå¸ äîëæíû áûòü ïåðåõîäû. Åñëè êîìàíäà íèæå ÷òî-òî âûäàñò, çíà÷èò èñïîëüçóåòñÿ:

Code:

iptables-save | grep -e "-j SECURITY"

Ìíå òîæå òàê âñåãäà êàçàëîñü, íî çäåñü íà ôîðóìå îáíàðóæèë ðåêîìåíäàöèè ïî äîáàâëåíèþ îáõîäà ýòîé öåïî÷êè äëÿ óñêîðåíèÿ ðàáîòû êëèåíòà DC â ïîêàëüíîé ñåòè ïðîâàéäåðà, âîò è ñòàëî èíòåðåñíî êòî äóðàê ))

http://wl500g.info/showpost.php?p=23823&postcount=4

**Basile** · 02-10-2011, 11:46

Originally Posted by TReX

Ìíå òîæå òàê âñåãäà êàçàëîñü <...>

Äàâàéòå ðàçáèðàòüñÿ. Ó âàñ èñïîëüçóåòñÿ ýòà öåïî÷êà? Êàêèå ïðàâèëà ïåðåäàþò óïðàâëåíèå â SECURITY?

**TReX** · 02-10-2011, 18:47

Originally Posted by Basile

Äàâàéòå ðàçáèðàòüñÿ. Ó âàñ èñïîëüçóåòñÿ ýòà öåïî÷êà? Êàêèå ïðàâèëà ïåðåäàþò óïðàâëåíèå â SECURITY?

Ó ìåíÿ êîìàíäà iptables-save | grep -e "-j SECURITY" íå âûäàåò íè÷åãî, õîòÿ äëÿ SSH/FTP óñòàíîâëåííî Enale Brute Force Protection for SSH Server: è Enable Brute Force Protection for FTP Server: Yes

**BcTpe4HbIu** · 27-09-2011, 17:59

Originally Posted by TReX

â êàêèõ ñëó÷àÿõ îíè ñðàáàòûâàþò? Input, Output, Forward ýòî ïîíÿòíî, à âîò ýòè? Ïðîñòî íå ïîïàäàåò ëè ñþäà ïèðèíãîâûé òðàôèê ÷åðåç WAN/MAN?

**pollitra** · 16-06-2012, 15:53

çàøèôðîâàëè ïðîãîé, êñòàòè ëåãàëüíîé, ìàòü å¸ ðàçýäàê, lockdir.exe Ïàðîëü 29 ñèìâîëîâ ïðèñëàëè. Çà íàâîäêó íà OpenVPN ñïàñèáî. Îïðåäåë¸ííûì IP íå ïîëó÷èòñÿ, êëèåíò (äîìàøíèé êîìï) íà äèíàìè÷åñêîì IP. Ìîæåò ìîæíî ìàñêó çàäàâàòü, òèïà 226.***.***.***? Ïðîâàéäåð òî îäèí, íó 2, åñëè â áóäóùåì ïëàíøåò ñ 3G âîçüìó.

**staticroute** · 16-06-2012, 16:34

Originally Posted by pollitra

çàøèôðîâàëè ïðîãîé, êñòàòè ëåãàëüíîé, ìàòü å¸ ðàçýäàê, lockdir.exe Ïàðîëü 29 ñèìâîëîâ ïðèñëàëè. Çà íàâîäêó íà OpenVPN ñïàñèáî. Îïðåäåë¸ííûì IP íå ïîëó÷èòñÿ,
êëèåíò (äîìàøíèé êîìï) íà äèíàìè÷åñêîì IP. Ìîæåò ìîæíî ìàñêó çàäàâàòü, òèïà 226.***.***.***? Ïðîâàéäåð òî îäèí, íó 2, åñëè â áóäóùåì ïëàíøåò ñ 3G âîçüìó.

òîãäà òîëüêî VPN, åùå ìîæíî èñïîëüçîâàòü fwknop, ÷òîáû îòêðûâàòü íóæíûé ïîðò äëÿ íóæíîãî IP-àäðåñà òîæå ïî êëþ÷ó.
à ÿ áû íå ñòàë SSH îòêðûòûì îñòàâëÿòü íàðóæó, äà è âîîáùå ëó÷øå èñïîëüçîâàòü fwknop

Thread: Íàñòðîéêà brute force protection íà ðîóòåðå

Thread Tools

Rate This Thread

Display

Hybrid View

Áðóò ñ ðîóòåðà ïðîáîâàë êòî...òèïà Hydra ïðèêðóòèòü

Çàùèòà ðîóòåðà

?

Similar Threads

Óñòàíîâêà è íàñòðîéêà asterisk íà ðîóòåðå

Íàñòðîéêà CRON íà ðîóòåðå

Íàñòðîéêà mpcs íà ðîóòåðå

[HowTo] avoid brute force in AP mode

VSFTP Brute force attacks

Tags for this Thread

Posting Permissions