dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
767
share rss forum feed


Danny

@verizon.net

Block IPs from brute force hack attempts

Hello, is it possible to block IPs that attempt to access my server through brute force. Currently I manually add the IP address as a host address, add that name to the address group, which is blocked at the firewall. I would love to have this done automatically by my zywalls ( I have both the 50 and 20)
Is this possible?

Thank you


Brano
I hate Vogons
Premium,MVM
join:2002-06-25
Burlington, ON
kudos:11

1 edit
It's not possible on USG, but you may be able to do it on your server.
What kind of server do you have? OS?
Check out »www.fail2ban.org


Danny

@verizon.net
I 'am running 2011 home server.
The windows firewall is disabled and I am using the firewall from AVG Antivirus Business Edition 2013.
I guess even some way to pull out X failed attempts and throw it into a txt file without me having to scan my eventlog would be great. My servers seems to be popular with Chinese and Russian brute force attacks.

Thanks

JPedroT

join:2005-02-18
kudos:1
This is up to your server to do, since the ZyWALL do not know if the connection was rejected or not.

But when you got a text file of IP's you want to block, writing a script that updates your firewall rules should be quite trivial.
--
"Perl is executable line noise, Python is executable pseudo-code."

deancollinsb

join:2013-06-09
reply to Brano
lol Brano...I hate to say it but yet again something you can do on Isa2003

I must sound like a broken record by now....


mozerd
Light Will Pierce The Darkness
Premium,MVM
join:2004-04-23
Nepean, ON

1 recommendation

said by deancollinsb:

lol Brano...I hate to say it but yet again something you can do on Isa2003

ISA [Internet Security and Acceleration Server] is a HIGH end product that offers a wealth of features and capabilities --- YOU cannot compare ISA server to ZyWALL USG regardless of model --- ISA server will be superior in every category -- but supporting ISA server is far more complex based on how many other "services" it compliments especially in the world of Microsoft integration. Most people here are Linux or Nix oriented and the ZyWALL USG line suits most people who are in love with the nix world. That is not to say that the USG line cannot work nicely in the Microsoft world --- it does --- but does not have the rich capabilities offered by the Microsoft security solution. TMG and UAG now replace ISA and for those in the know TMG is very expensive.

There is no reason in the world why you cannot keep using ISA server -- its still relevant regardless of the fact that its no longer supported.
--
David Mozer
IT-Expert on Call
Information Technology for Home and Business


Anav
Sarcastic Llama? Naw, Just Acerbic
Premium
join:2001-07-16
Dartmouth, NS
kudos:5
Thanks Mozerd. It was already made clear in other threads but this concise description may provide some clarity for those that need the help. .