Answered by the Webhosting Experts

Prevent Brute Force Attacks

While someone might not be targeting your site or server specifically, they will have automated tools that will try to guess random usernames and passwords that are common against your system. They’re essentially forcing their way to user only authorized area’s of a system, such as FTP accounts, e-mail accounts, databases, script based administration areas and root or any shell access are most common attempts.

They will try multiple login attempts, guessing usernames and passwords, trying to force their way onto your machine. We can see how Brute force attacks main service daemons such as ftp and shell.

Hackers can try to get into your system using a few different methods:

1) Manual login attempts, they will try to type in a few usernames and passwords.
2) Dictionary based attacks, automated scripts and programs will try guessing thousands of usernames and passwords from a dictionary file, sometimes a file for

usernames and another file for passwords.
3)Generated logins, a cracking program will generate random usernames set by the user. They could generate numbers only, a combination of numbers and letters or

other combinations.

How to identify if it is Brute force attack:
You can easily spot a brute force attempt by checking your servers log files. You will see a series of failed login attempts for the service they’re trying to break into.

# tail –f /var/log/secure

How to prevent a brute force attack:

There are a few main ways to stop a brute force attack:

1) restricting the amount of login attempts that a user can perform

2) banning a users IP after multiple failed login attempts

3) keep a close eye on your log files for suspicious login attempts

Tools to stop and prevent brute force hack attempts:
1) Never enable demo or guest accounts as they will be the first way an attacker will get access into your system and further exploit it.

2) Never have more than one user in the root group.

3)APF & BFD (rfxnetworks.com)
There are many different tools you can use to prevent and stop brute force hackers. The two of them we’ll focus on in this article are APF firewall and BFD (brute force detection) developed by rfxnetworks.

4)LogWatch (logwatch.org)
LogWatch is highly recommended tool that sends you daily reports of system activity including disk space, failed login attempts and much more. If you have a Cpanel server LogWatch *should* be installed by default.

Need More Personalized Help?

If you have any further issues, questions, or would like some assistance checking on this or anything else, please reach out to us from your my.hivelocity.net account and provide your server credentials within the encrypted field for the best possible security and support.

If you are unable to reach your my.hivelocity.net account or if you are on the go, please reach out from your valid my.hivelocity.net account email to us here at: support@hivelocity.net. We are also available to you through our phone and live chat system 24/7/365.