[0:08] There are different methods to prevent brute-forcing attacks. For this lab I'm going to use the iptables firewall. We need to add the rules to the firewall set.
[0:40] We also need to load the new rules.
[0:50] Let's now go back to Kali and try to run our brute-forcing attack again.
[1:02] As you can see, our attack is now being blocked and the tool will soon stop. In real-life situations, most attackers and bots will give up at this point as it will take them far too long to find valid login credentials.
Secure the server
The SSH server needs to be configured to prevent such attacks. We will look at one possible way of doing that and then test the scan again.
We will add two rules to the iptables firewall which allow a maximum of four login attempts within 300 seconds. If that count is reached, the IP will be blocked for 300 seconds. The two rules go into /etc/sysconfig/iptables. You can find them in the iptables file in the Downloads area at the bottom of this step.
Note: For this lab I am using a command line text editor. There are several available in Linux and it is up to you which one you will use. If you are already comfortable with Linux, you can use emacs. If you are relatively new though, pico or nano are good ones to start with (I will use nano for those of you who are just beginning).
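The edit to /etc/sysconfig/iptables described above, as an added example that is not the course's downloadable iptables file: a shell function that places two rate-limit rules ahead of the SSH ACCEPT rule in an iptables-save style ruleset. The list name SSH, port 22 and the use of the `recent` match are assumptions; the hit count and window are the figures from the text.

```sh
#!/bin/sh
# Added example, not the course's iptables file. Assumed: list name SSH,
# port 22, -m state matching. Hit count and window follow the text.
PORT=22 WINDOW=300 HITS=4 LIST=SSH

# Read an iptables-save style ruleset on stdin and write it to stdout with
# the two rate-limit rules placed ahead of the rule that accepts SSH.
add_ssh_limit() {
    awk -v port="$PORT" -v win="$WINDOW" -v hits="$HITS" -v list="$LIST" '
    function emit(   m) {
        m = "-A INPUT -p tcp -m tcp --dport " port " -m state --state NEW -m recent"
        # Rule 1: record the source address of each new connection.
        print m " --set --name " list
        # Rule 2: drop while the address has at least hits entries within win seconds.
        print m " --update --seconds " win " --hitcount " hits " --name " list " -j DROP"
        done = 1
    }
    {
        line[NR] = $0
        # Rules already present: do not insert them a second time.
        if (index($0, "-m recent") && index($0, "--name " list)) done = 1
    }
    END {
        for (i = 1; i <= NR; i++) {
            if (line[i] == "*filter") in_filter = 1
            accept = line[i] ~ /^-A INPUT / && line[i] ~ /-j ACCEPT$/ &&
                     index(line[i], "--dport " port " ")
            # A rule after the ACCEPT is never reached; with no ACCEPT, use the table end.
            if (in_filter && !done && (accept || line[i] == "COMMIT")) emit()
            if (line[i] == "COMMIT") in_filter = 0
            print line[i]
        }
    }'
}

# Constructed sample in the style of a default /etc/sysconfig/iptables.
sample_ruleset() {
    cat <<'EOF'
*filter
:INPUT ACCEPT [0:0]
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
EOF
}
sample_ruleset | add_ssh_limit
```

The amended ruleset can be checked with `iptables-restore --test` before it is loaded.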
© Coventry University. CC BY-NC 4.0