..::Block username after 3 failed authentications::..

[Alan DeKok]

Alfonso Alejandro Reyes Jiménez wrote:
>  Hi Everyone.
> 
> I was wondering if there's some way to block the brute force attack. for
> example block the username after 3 invalid password attempts.
> 
> This could be possible? if it's possible how?

  Store password tries in a database, and reject the user if he tries
more than 3 logins within a time.

  i.e. store data in a database.  FreeRADIUS is not a database.  Make
FreeRADIUS put information into the database, and read information from
the database.

  Alan DeKok.