Skip main navigation

Secure the server

Secure the server
There are different methods to prevent brute-forcing attacks. For this lab I’m going to use the iptables firewall. We need to add the rules to the firewall set.
We also need to load the new rules.
Let’s now go back to Kali and try to run our brute-forcing attack again.
As you can see our attack is now being blocked and the tool will soon stop. In real life situations most attackers and bots will give up at this point as it will take them far too long to find valid log in credentials.
The SSH server needs to be configured to prevent such attacks. We will look into one possible way for doing that and test the scan again.
We will add two rules into the iptables firewall which will allow a maximum of four login attempts within 300 seconds. If that count is reached the IP will be blocked for 300 seconds. We need to add two rules to /etc/sysconfig/iptables. You can find the rules in the iptables file in the Downloads area which you can find at the bottom of this step.
Note: For this lab I am using a command line text editor. There are several available in Linux and it is up to you which one you will use. If you are already comfortable with Linux, you can use emacs. If you are relatively new though, pico or nano are good ones to start with (I will use nano for those of you who are just beginning).
This article is from the free online

Basics of Network Security

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education