Brute Force Adaptive Service

Murus
Post Reply
lurch99
Posts: 3
Joined: Wed Apr 22, 2015 11:47 pm

Brute Force Adaptive Service

Post by lurch99 » Thu Apr 23, 2015 3:47 pm

First of all, I think you've done a wonderful job wrapping a GUI around PF -- really nice product!

I have a question about the Brute Force Adaptive Service: this is simply a mechanism that checks how many connections are being made from the same origin within a specific period of time, correct?

In other words, there's no intelligent mechanism that checks whether the logins are failed logins vs. successful logins, right?

So a legitimate user with a valid password could in theory be blocked out if the settings were set on the low side, and connected via multiple computers behind NAT on the same public facing IP address.

This makes me wonder if "denyhosts" or "fail2ban" might work nicely with Murus, as they are checking the log for failed logins

basicmonkey
Posts: 5
Joined: Mon May 11, 2015 9:20 pm

Re: Brute Force Adaptive Service

Post by basicmonkey » Mon May 11, 2015 9:22 pm

I'm really interested in this service for my OS X server. Would have to be based on failed logins though as users are likely to connect a lot.

Post Reply