..::Block username after 3 failed authentications::..

Alfonso Alejandro Reyes Jiménez conesh at gmail.com
Fri Sep 3 23:33:31 CEST 2010


  Great, thanks for your advice.

El 03/09/2010 04:32 p.m., Alan DeKok escribió:
> Alfonso Alejandro Reyes Jiménez wrote:
>>   Hi Everyone.
>>
>> I was wondering if there's some way to block the brute force attack. for
>> example block the username after 3 invalid password attempts.
>>
>> This could be possible? if it's possible how?
>    Store password tries in a database, and reject the user if he tries
> more than 3 logins within a time.
>
>    i.e. store data in a database.  FreeRADIUS is not a database.  Make
> FreeRADIUS put information into the database, and read information from
> the database.
>
>    Alan DeKok.



More information about the Freeradius-Users mailing list