how to prevent brute force attack

This is my first shell Script, write chaos, experiment, or is available, and now on my own Web server running up!! ~~#!/bin/bash# this shellscript to prevent SSH brute force hack #auther:aaronguo#date:jan82016#version:1.2# Specifies the shell's log file logfile= "/var/log/blocked_ip" # gets the current time, used for grep/var/log/secure. (format: MMNBSP;DD NBSP;

the/etc/hosts.deny, some words have been successful. Ways to improve SSH security 1. Modify the configuration file of the SSHD server/etc/ssh/sshd_config, and add some parameters to the following modifications to enhance security. By default, the system uses port 22nd to change the listening port to another value (preferably more than 1024 of the high-end port to avoid conflicts with other regular service ports), which can increase the difficulty of the intruder detection system running the

Use the MD5 conversion algorithm to prevent brute-force password cracking MD5 is the most common cryptographic algorithm in Web applications. Because MD5 is irreversible, the ciphertext obtained after MD5 calculation cannot be obtained through reverse algorithms.Looking back at the original intention of using MD5 to encrypt text passwords in Web applications, it

Use the MD5 conversion algorithm to prevent brute force cracking. MD5 is the most common cryptographic algorithm in Web applications. Because MD5 is irreversible, the ciphertext obtained after MD5 calculation cannot be obtained through reverse algorithms. Review that MD5 is the most common cryptographic algorithm in Web applications. Because MD5 is irreversible,

Overview:Nowadays, the Internet is very insecure. Many people use some scanners to scan the ssh port and try to connect to the SSH port for brute force cracking. Therefore, we recommend that you use the VPs host space, set a complex SSH logon password as much as possible. For details about how to configure Secure SSH services, refer to the article "Configure Secure SSH service on a VPs host". How can I

start" >>/etc/rc.local/etc/init.d/denyhosts start3. Testing[Email protected]:~$ ssh [email protected]Welcome to Linuxfan.cn[email protected] ' s password:Permission denied, please try again.[email protected] ' s password:Permission denied (Publickey,gssapi-keyex,gssapi-with-mic,password). # #成功[Email protected]:~$ ssh [email protected]Ssh_exchange_identification:read:Connection Reset by peerThis article is from the "Lp-linux" blog, make sure to keep this source http://linuxlp.blog.51cto.com/114

Raspberrypi2 sshd[6351]: Did not receive identification string from 61.160.222.53Statistics, the last one months there are more than 20,000, I was wrong, small pie: (How to prevent this kind of idle egg ache of person? Generally speaking:1. Configure Sshd_config, disable root login2. Using a non-regular SSH service port3. Use a non-regular login name4. Use key to login as much as possibleThe above four articles I have noticed, but can not

custom attribute, and draws four noise lines, the color is random, and the starting and ending positions are randomly generated. 3. Correct verification code for real-time change of maintenancein order to verify the correctness of the verification code entered by the user, the mainactivity to maintain a variable in the user click on the custom View The value of this variable can be changed in real time when the verification code is refreshed. Here, using a custom broadcast implementation, a ran

line of my/etc/crontab file is**/1 ** root sh/root/hosts_deny.sh repeats the script every other hour, /var/log/secure is polling once every week, so we can configure the time to execute this script based on the server's actual situation, this cycle can be appropriately reduced for machines with frequent brute force cracking.After my public network machine runs the script for a while, the/etc/hosts. deny fi

You can refer to the related articles at the end of this article. Scanning the Internet is a frequent issue. To prevent brute force cracking of ssh accounts and passwords, you can use denyhosts to enhance system security. 1. InstallSudo apt-get install denyhosts2. Configure/etc/denyhosts. conf. Content reference:Sshd logon log file. Different systems are differen

1. Environment CentOS 72, online installationYum Install-y epel-releaseYum Install-y Fail2banFail2ban structure/etc/fail2ban # # Fail2ban Service configuration directory/ETC/FAIL2BAN/ACTION.D # # iptables, mail and other action files directory/ETC/FAIL2BAN/FILTER.D # # condition matching file directory, filtering log key content/ETC/FAIL2BAN/JAIL.CONF # # Fail2ban Protection configuration file/etc/fail2ban/fail2ban.conf # # Fail2ban profile, defining log levels, logs, sock file locations, and mo

DenyHosts is a very useful anti-SSH brute force software that feels simpler and more effective than fail2ban.Installing denyhosts under Debian is very simple. Direct APT installation can. (The strong place of Debian is what bird thing he can apt-get install)The screened IP is recorded in the/etc/hosts.deny file and can be viewed at any time. 1, the elimination of SSH login records, to

appropriately modify the connection frequency of the brute force cracking program, allowing the attack program to brute force in the context of satisfying the security policy. For example, an attacker could fully define an attacker to attempt an FTP

PHP Mysql brute-force cracking script and phpmysql brute-force cracking Mysql PHP brute-force script (Note: The Code shows that the user name is a variable. Generally, the database account does not change, so the user name does no

as: vLan) mutual access, the network IP can be accessed through the Internet. In general, the application server accesses the database server by accessing the intranet IP, and the database maintenance is operated from the Internet via an extranet IP. Automated brute force hack tool one way is to scan directly to an extranet IP address, discover that a default port is serving the database, and then guess th

Before reading this article, I would like to briefly understand what ModSecurity is, And ModSecurity is an engine for intrusion detection and prevention. It is mainly used for Web applications, so it can also be called Web application firewall. I believe many commercial WAF signature developers have also referred to the ModSecurity rules. Background: Last week, the Wordpress website suffered a large-scale brute-fo