The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Bfd

Discussion in 'General Discussion' started by binumvk, Oct 22, 2004.

  1. binumvk

    binumvk Active Member

    Joined:
    Oct 13, 2004
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
    I am everytime using a dynamic IP how can i prevent to locked up myself,if i install BFD(brute force detection) in my cpanel server.
     
    #1 binumvk, Oct 22, 2004
    Last edited: Oct 23, 2004
  2. FWC

    FWC Well-Known Member

    Joined:
    May 13, 2002
    Messages:
    354
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Ontario, Canada
    Don't produce failed logins and you should be fine.
     
  3. binumvk

    binumvk Active Member

    Joined:
    Oct 13, 2004
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
    is it possible to set a login attempt failure and then how can i configure that /ignore.hosts file,leave it blank or configure it using my dynamic ip?
     
  4. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    If you have a dynamic IP, then you cannot exclude it for obvious reasons.

    If you want to change the trigger levels, then you need to edit the appropriate rule file in /usr/local/bfd/rules/ and set the TRIG value as you want it.
     
  5. binumvk

    binumvk Active Member

    Joined:
    Oct 13, 2004
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
    Thanks!!!!
     
  6. SarcNBit

    SarcNBit Well-Known Member

    Joined:
    Oct 14, 2003
    Messages:
    1,010
    Likes Received:
    3
    Trophy Points:
    38
    Consider using key based access

    You can also consider opening up your ISPs entire range of dynamically assigned IPs. That will leave you open to brute force attacks from people sharing or spoofing those IPs. The impact of that decision would depend on the size of your ISPs pool. In any case you will want to use a strong password and change it regularly.
     
  7. damainman

    damainman Well-Known Member

    Joined:
    Nov 13, 2003
    Messages:
    515
    Likes Received:
    0
    Trophy Points:
    16
    I been wondering this for awhile but never had a chance to find it out... Is there a way to have bfd block users for using certain names? Like if someone tried to use a certain user name to log in, just block them.
     
  8. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess
    Possibly, but that's beyond my knowledge on configuring specific rulesets for BFD. You're probably better off asking on the applications forums.
     
  9. binumvk

    binumvk Active Member

    Joined:
    Oct 13, 2004
    Messages:
    42
    Likes Received:
    0
    Trophy Points:
    6
    do you know the names of such forums
     
  10. chirpy

    chirpy Well-Known Member

    Joined:
    Jun 15, 2002
    Messages:
    13,475
    Likes Received:
    20
    Trophy Points:
    38
    Location:
    Go on, have a guess

Share This Page