Brute Force Detection

Put up a barrier between you and the bad guys with Brute Force Detection (BFD), published by Rfx Networks (www.rfxn .com/projects/brute-force-detection/). This free software tool helps defend against brute force hacking attacks on dedicated web servers.

Brute force attacks are characterized by their scattergun approach, such as using the entire dictionary as username and password inputs — methodically seeking the correct combination that will allow access to web server roots — or to paysite members areas.

Brute force attacks are characterized by their scattergun approach, such as using the entire dictionary as username and password inputs.

BFD detects these multiple, malicious login attempts, blocking the hacker’s efforts.

According to R-fx Networks, BFD is a modular shell script for parsing application logs and checking for authentication failures.

“It does this using a rules system where application specific options are stored including regular expressions for each unique auth format,” the company website says. “The regular expressions are parsed against logs using the ‘sed’ tool (stream editor) which allows for excellent performance in all environments.”

BFD employs a log tracking system that allows logs to be parsed from their last read point, boosting the performance of BFD, as it is not constantly reading the same log data.

BFD can be leveraged to block attackers using tools such as APF, Shorewall, raw IP tables, IP route or custom commands. A customizable email alerting system and simple flat text files are added benefits, as is the attack pool “where trending data is stored on all hosts that have been blocked including which rule the block was triggered by.”

By default, a cron job executes BFD once every three minutes, but this can be as little as one minute without causing any performance issues.

“Although cron execution does not permit BFD to act in real time, the log tracking system ensures it never misses a beat in authentication failures,” the BFD website notes. “Further, using cron provides a reliable frame work for consistent execution of BFD in a very simplified fashion across all *nix platforms.”

BFD is free to use, but its ongoing development is dependent on public contributions and donations, so a small usage gratuity is requested.

Related:  

Copyright © 2024 Adnet Media. All Rights Reserved. XBIZ is a trademark of Adnet Media.
Reproduction in whole or in part in any form or medium without express written permission is prohibited.

More Articles

opinion

To Cloud or Not to Cloud, That Is the Question

Let’s be honest. It just sounds way cooler to say your business is “in the cloud,” right? Buzzwords make everything sound chic and relevant. In fact, someone uninformed might even assume that any hosting that is not in the cloud is inferior. So what’s the truth?

Brad Mitchell ·
opinion

Upcoming Visa Price Changes to Registration, Transaction Fees

Visa is updating its fee structure. Effective April 1, both the card brand’s initial nonrefundable application fee and annual renewal fee will increase from $500 to $950. Visa is also introducing a fee of 10 cents for each transaction, and 10 basis points — 0.1% — on the payment volume of certain merchant accounts.

Jonathan Corona ·
opinion

Unpacking the New Digital Services Act

Do you hear the word “regulation” and get nervous? When it comes to the EU’s Digital Services Act (DSA), you shouldn’t worry. If you’re complying with the most up-to-date card brand regulations, you can breathe a sigh of relief.

Cathy Beardsley ·
opinion

The Perils of Relying on ChatGPT for Legal Advice

It surprised me how many people admitted that they had used ChatGPT or similar services either to draft legal documents or to provide legal advice. “Surprised” is probably an understatement of my reaction to learning about this, as “horrified” more accurately describes my emotional response.

Corey D. Silverstein ·
profile

WIA Profile: Holly Randall

If you’re one of the many regular listeners to Holly Randall’s celebrated podcast, you are already familiar with her charming intro spiel: “Hi, I’m Holly Randall and welcome to my podcast, ‘Holly Randall Unfiltered.’ This is the show about sex, the adult industry and the people in it.

Women In Adult ·
trends

What's Hot Now: Leading Content Players on Trending Genres, Monetization Strategies

The juggernaut creator economy hurtles along, fueled by ever-ascendant demand for personality-based authenticity and intimacy — yet any reports of the demise of the traditional paysite are greatly exaggerated.

Alejandro Freixes ·
opinion

An Ethical Approach to Global Tech Staffing

One thing my 24-year career as a technologist working to support the online adult entertainment industry has taught me about is the power of global staffing. Without a doubt, I have achieved significantly more business success as a direct result of hiring abroad.

Brad Mitchell ·
opinion

Finding the Right Payment Partner

Whenever I am talking with businesses that are just getting started, one particular question comes up a lot: “How do I get a merchant account?” It’s a simple question, but it has a complicated answer.

Jonathan Corona ·
opinion

The Taxman Cometh for Every Business

February may be the month of romance, but it is also a time when we need to think about something that inspires very little love: taxes. April is not far away, and the taxman is always waiting. This year, federal and most state income taxes are due Monday, April 15.

Cathy Beardsley ·
opinion

The Continuous Journey of Legal Compliance in Adult

The adult entertainment industry is teeming with opportunity but is also fraught with challenges, from anticipating consumer behavior to keeping up with technological innovation. The most labyrinthine of all challenges, however, is the world of legal compliance.

Corey D. Silverstein ·
Show More