Brute force attacks are a major security threat to servers whereby the attacker (which is generally an automated software program) systematically checks all possible passwords and pass-phrases on trial and error basis until the correct one is found. Alternatively, the attacker can attempt to guess the key, which is typically created from the password using a key derivation function.
A defense against this is to limit the number of consecutive unsuccessful login attempts on the system to five after which the user-id is automatically locked by the server. Only the authorized administrator with privileges can unlock the user id.
The SBC system admin controls are enhanced with the addition of an account management object, bruteForceAttackOS (Brute Force Attack OS)
, to protect against Linux OS brute force attacks. This object allows the administrator to limit the number of consecutive failed OS login attempts from 1 to 10, with the default of 3.
On the SBC Main screen, navigate to All > System > Admin > Account Management > Brute Force Attack OS. The Brute Force Attack OS window is displayed.
Caption | ||||
---|---|---|---|---|
| ||||
Caption | ||||||||||
---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||
|