Hosting Discussion
 

What is a brute force attack?





  Post #1 (permalink)   08-20-2017, 11:59 PM
HD Newbie
 
Join Date: Jun 2017
Location: India
Posts: 5

Status: breeze_host is offline
What is a brute force attack? How can we prevent it on the server?

Please share your views
 
 
 


  Post #2 (permalink)   08-21-2017, 02:21 AM
HD Master
 
Join Date: Jun 2013
Posts: 288

Status: RH-Calvin is offline
According to Google - Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.
 
 
 
The Following User Says Thank You to RH-Calvin For This Useful Post:
PeterShene (10-08-2017)


  Post #3 (permalink)   08-21-2017, 01:28 PM
HD Community Advisor
 
 
Join Date: Mar 2009
Location: Saint Louis
Posts: 4,975

Status: SenseiSteve is online now
Strange question coming from a provider that sells everything from shared to dedicated and cloud services. In addition to RH-Calvin's response, for WordPress you could install the Wordfence plugin to help.
 
 
 


  Post #4 (permalink)   08-21-2017, 11:28 PM
HD Master
 
Join Date: Sep 2014
Location: India
Posts: 271

Status: 24x7server is offline
If you have cPanel installed on the server, then you can enable the cPHulk Brute Force Protection setting in WHM.
__________________
www.24x7servermanagement.com
Server Management, Server Security, Server Monitoring.
Network Monitoring Team !! Skype: techs24x7
 
 
 


  Post #5 (permalink)   08-22-2017, 06:04 AM
HD Wizard
 
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 5,006

Status: easyhostmedia is online now
A brute force attack can just be a case of too many login attempts and you get locked out of the server.

How have you managed to operate a hosting business since 2009 and not know about Brute Force?
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 
The Following User Says Thank You to easyhostmedia For This Useful Post:
WPCYCLE (08-22-2017)


  Post #6 (permalink)   08-22-2017, 12:48 PM
HD Newbie
 
Join Date: May 2014
Posts: 16

Status: prathyusha is offline
A large number of bots, or that kind of thing from software, trying to log in or bypass your site logins is brute force.
 
 
 


  Post #7 (permalink)   10-01-2017, 05:57 PM
HD Newbie
 
Join Date: Sep 2017
Location: UK
Posts: 5

Status: HostingMachines is offline
Quote:
Originally Posted by SenseiSteve
Strange question coming from a provider that sells everything from shared to dedicated and cloud services. In addition to RH-Calvin's response, for WordPress you could install the Wordfence plugin to help.

All port-based brute force attacks are shut down by the firewall. WaP firewalls do help WordPress etc. but they work from a database which is written to with each attack, so I don't recommend them.

LFD using regex rules to detect xmlrpc attacks and similar is best, imo.
__________________
Hosting Machines | cPanel | WHM Reseller | Managed VPS
https://www.hostingmachines.co.uk
 
 
 


  Post #8 (permalink)   10-03-2017, 05:22 AM
HD Addict
 
Join Date: Jan 2012
Posts: 166

Status: VPS9.net is offline
Brute force is a trial and error method used by application programs to decode encrypted data for passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force).
Brute force can be prevented by the following steps:
By reducing surface area.
Not being predictable.
Safeguard by security shield.
__________________
VPS9.net - Affordable VPS, dedicated hosting packages.
OpenVZ VPS | XEN VPS | KVM VPS | Special Server | Best Hosting services
 
 
 


  Post #9 (permalink)   10-04-2017, 01:10 PM
HD Newbie
 
Join Date: Oct 2017
Posts: 17

Status: pixelhosts is offline
Quote:
Originally Posted by RH-Calvin
According to Google - Brute force (also known as brute force cracking) is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.

What he said lol ^^

In layman's terms, it's where someone uses a piece of software to try and crack your password, where the software will attempt many different strings in a short amount of time.
 
 
 


  Post #10 (permalink)   10-08-2017, 12:21 AM
HD Newbie
 
Join Date: Apr 2016
Location: kochi
Posts: 17

Status: Eric Thomas is offline
A brute force attack is a trial and error attempt to guess a password by trying all possible combinations of characters. If it's a form or login attack, you can enable captcha to protect the forms from these types of attacks. For SSH you can have the SSH port changed to a custom one.
 
 
 


  Post #11 (permalink)   10-08-2017, 12:59 PM
HD Newbie
 
Join Date: Sep 2017
Location: Karnal
Posts: 18

Status: hostioo is offline
Brute force, also known as brute force cracking, is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.
__________________
Cloudlinux | CPanel | WHM | SMTP/IMAP/POP3 | Free SSL |
Unlimited Web Hosting | Unlimited Reseller Hosting and much more.
Hostioo.com
 
 
 


  Post #12 (permalink)   10-08-2017, 01:51 PM
HD Wizard
 
 
Join Date: Mar 2011
Location: Northumberland, UK
Posts: 5,006

Status: easyhostmedia is online now
Quote:
Originally Posted by hostioo
Brute force, also known as brute force cracking, is a trial and error method used by application programs to decode encrypted data such as passwords or Data Encryption Standard (DES) keys, through exhaustive effort (using brute force) rather than employing intellectual strategies.

Not really. Any host can be locked out of their own servers if they have Brute Force enabled, as all it means is that someone (could be you) has made too many failed login attempts.
__________________
Terry Robertson - CEO The Easyhost Media Group
Niceday Hosting - Affordable Hosting
PowerSSL - - We Secure your World
The Scamlist Forum - Fighting against scammers
 
 
 


  Post #13 (permalink)   12-10-2017, 03:03 PM
HD Newbie
 
Join Date: Dec 2017
Posts: 4

Status: Evolution Host is online now
I'm assuming that we're considering brute force attacks against a service running on the internet. Offline cracking against a dump of stolen passwords which are hashed is another topic! Nonetheless, here's my take on online attacks:

Usernames and Passwords
In terms of prevention/protection for brute force attacks, your first point of call should of course be secure passwords. Most brute force attacks will involve the use of a "dictionary", sometimes known as a "dictionary attack", wherein the attacker will use a list of commonly used words that are then "mangled". The idea being that a password such as secur3P4sswrd1234 would quickly be guessed since it consists of the word "secure" and "password" with various mangling applied. As long as you avoid common passwords and easily guessed passwords such as those derived from personal information that you may have posted online, you're off to a good start. It also helps to avoid default usernames such as "root" as the attacker would then also have to guess or find the username. If you're running an SSH server on a common port, it's likely that "sudo lastb | head" will show lots of failed login attempts for usernames like "admin", "root" etc. due to SSH worms that will randomly attack your server.

Securing the service
Since brute force attackers rely upon the ability to try many passwords within a short space of time, we can almost entirely eliminate the risks by slowing down authentication attempts. The most common approach is to place a temporary block on the IP address or account after a set number of failed authentication attempts take place.

You could build this functionality into your applications, or if you have terminal/SSH access to your server and wish to secure existing software, fail2ban is a great tool. It's essentially a log monitor that can automatically block an IP address after a defined number of failed login attempts. It supports software such as OpenSSH, various FTP servers and various web servers out of the box.

Assuming that your passwords are strong, this strategy goes a long way towards securing your server and may even reduce the load on the server by blocking lots of junk requests.

If you're still concerned about the extremely small chance that an attacker could guess the correct password, or are concerned that given a long time (many months/years) the attacker could still succeed, password rotation and IP whitelisting can mitigate this risk.

Last edited by Evolution Host : 12-10-2017 at 03:14 PM.
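
The temporary-block approach described in post #13, as an added example that is not part of the original post and not fail2ban's own code: a simplified Python model of a failed-login monitor run over a constructed sshd log. The parameter names `maxretry`, `findtime` and `bantime` follow fail2ban's option names; `find_bans`, `allow` and the sample addresses are assumptions made for the illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Matches OpenSSH "Failed password" lines, including the "invalid user" variant.
FAILED = re.compile(
    r"^(\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(\S+) from (\S+) port \d+"
)

def find_bans(lines, maxretry=3, findtime=600, bantime=3600, allow=(), year=2017):
    """Illustrative model, not fail2ban code. Return [(ip, ban_start, ban_end)]:
    an IP is banned at maxretry failures within findtime s; allow-listed IPs never."""
    recent = defaultdict(deque)   # ip -> timestamps of recent failures
    banned_until = {}             # ip -> end of current ban
    bans = []
    for line in lines:
        m = FAILED.match(line)
        if not m:
            continue              # successful logins and other lines are ignored
        ts = datetime.strptime(f"{year} {m.group(1)}", "%Y %b %d %H:%M:%S")
        ip = m.group(3)
        if ip in allow or banned_until.get(ip, ts) > ts:
            continue              # trusted address, or traffic already blocked
        window = recent[ip]
        window.append(ts)
        while (ts - window[0]).total_seconds() > findtime:
            window.popleft()      # drop failures older than the window
        if len(window) >= maxretry:
            banned_until[ip] = ts + timedelta(seconds=bantime)
            bans.append((ip, ts, banned_until[ip]))
            window.clear()
    return bans

# Constructed sample log (documentation-range addresses, not real traffic).
SAMPLE_LOG = """\
Oct  3 05:00:01 host sshd[901]: Failed password for root from 203.0.113.7 port 40022 ssh2
Oct  3 05:00:03 host sshd[902]: Failed password for invalid user admin from 203.0.113.7 port 40023 ssh2
Oct  3 05:00:04 host sshd[903]: Accepted password for deploy from 198.51.100.20 port 51000 ssh2
Oct  3 05:00:06 host sshd[904]: Failed password for root from 203.0.113.7 port 40024 ssh2
Oct  3 05:00:07 host sshd[905]: Failed password for root from 203.0.113.7 port 40025 ssh2
Oct  3 05:10:00 host sshd[906]: Failed password for deploy from 198.51.100.20 port 51001 ssh2
Oct  3 05:30:00 host sshd[907]: Failed password for deploy from 198.51.100.20 port 51002 ssh2
Oct  3 05:50:00 host sshd[908]: Failed password for deploy from 198.51.100.20 port 51003 ssh2
""".splitlines()

if __name__ == "__main__":
    for ip, start, end in find_bans(SAMPLE_LOG):
        print(f"ban {ip} from {start} until {end}")
```

With the defaults, the three failures from 198.51.100.20 are 20 minutes apart and never trigger a ban, so an occasional mistyped password does not lock a user out; the same gap is why rate-based blocking is paired with strong passwords and, where possible, an allow list.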
 
 


  Post #14 (permalink)   Today, 09:00 AM
HD Addict
 
Join Date: Nov 2008
Location: Central Indiana, USA
Posts: 213

Status: MikeDVB is offline
Quote:
Originally Posted by easyhostmedia
Not really. Any host can be locked out of their own servers if they have Brute Force enabled, as all it means is that someone (could be you) has made too many failed login attempts.

What you quoted and then said "Not really," to was pretty much the definition of a brute force attack - so I'm not sure what you're saying not really to.

Sure - the company themselves could get locked out by brute force detection - but if that happens and they have no way around it I'm not sure I'd entirely trust them to properly run and manage their infrastructure.

There's always a way in - such as console access via VPN. If the provider doesn't have console access - which would be odd for a company remote from their hardware not to have.

What was it that you were saying "Not really," to?
__________________
Michael Denney - MDDHosting LLC - Professional Hosting Solutions
Cloud Shared Plans Check them out! Old plans still available.
Shared, Premium, Reseller, and VPS
http://www.mddhosting.com/
 
 