Use the Brute Force Attack OS window to configure options related to preventing brute force attacks against the Linux operating system (OS).
Brute force attacks are a major security threat to servers whereby the attacker (generally an automated software program) systematically checks all possible passwords and pass-phrases on a trial-and-error basis until the correct one is found. Alternatively, the attacker can attempt to guess the key, which is typically created from the password using a key derivation function. A defense against this is to limit the number of consecutive unsuccessful login attempts on the system, after which the user ID is automatically locked.
The SBC account management Brute Force Attack OS controls allow an administrator to limit the number of consecutive failed OS login attempts before the account is locked and to specify how long to keep the account locked.
On the SBC main screen, navigate to All > System > Admin > Account Management > Brute Force Attack OS. The Brute Force Attack OS window opens.
Figure 1: Brute Force Attack OS Window
Use the following table to set brute force attack OS options and then click Save.
Table 1: Brute Force Attack OS Paramters
Parameter | Description |
---|---|
OS State | Enable this flag to defend the Linux OS against brute force attacks. The options are:
|
Consecutive Failed OSAttempt Allowed | Specifies the number of consecutive failed login attempts allowed before the account is locked. The value ranges from 1 to 10 attempts and the default value is 3 attempts. |
Allow OSAuto Unlock | Enable this flag to automatically unlock the Linux OS account after a configurable number of seconds set by the Unlock OSTime parameter. The options are:
|
Unlock OSTime | Specifies the time interval after which the disabled Linux OS account will automatically unlock. The value ranges from 30 to 5400 seconds and the default value is 30 seconds. |