home   |   about us   |   our network   |   services   |   affiliates   |   contact
 
Services
» Web Hosting
» Reseller Hosting
» Dedicated Servers
» Windows/ASP.net Hosting
» Managed Web Hosting
» Remote Backup / Storage
» Virtual Dedicated Servers
 
Support
» Support Desk
» Client Login
» Forums
» FAQs
» Help Files
» Acceptable Use Policy
» Client Testimonials
» Blog
 
Tutorials
» Dedicated Server Tutorial
» Website Optimization
» Search Engine Optimization
» Web Hosting Tutorials
» Web Programming Tutorials
» Networking Tutorials
» Virtual Server Tutorials
» Resources


How to install BFD (Brute Force Detection)

What is BFD (Brute Force Detection)?
BFD is a modular shell script for parsing applicable logs and checking for authentication failures. There is not much complexity or detail to BFD yet and likewise it is very straight-forward in its installation, configuration and usage. The reason behind BFD is very simple; the fact there is little to no authentication and brute force auditing programs in the linux community that work in conjunction with a firewall or real-time facility to place bans. BFD is available at: http://www.rfxnetworks.com/bfd.php

This guide will show you how to install and configure BFD to protect your system from brute force hack attempts.

Requirements:
- You MUST have APF Firewall Installed before installing BFD - it works with APF and requires some APF files to operate.
- Root SSH access to your server

Lets begin!
Login to your server through SSH and su to the root user.

1. cd /root/downloads or another temporary folder where you store your files.

2. wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz

3. tar -xvzf bfd-current.tar.gz

4. cd bfd-0.2

5. Run the install file: ./install.sh
You will receive a message saying it has been installed

.: BFD installed
Install path: /usr/local/bfd
Config path: /usr/local/bfd/conf.bfd
Executable path: /usr/local/sbin/bfd

6. Lets edit the configuration file: pico /usr/local/bfd/conf.bfd

7. Enable brute force hack attempt alerts:
Find: ALERT_USR="0" CHANGE TO: ALERT_USR="1"

Find: EMAIL_USR="root" CHANGE TO: EMAIL_USR="your@yourdomain.com"

Save the changes: Ctrl+X then Y

8. Prevent locking yourself out!
pico -w /usr/local/bfd/ignore.hosts and add your own trusted IPs
Eg: 192.168.1.1

Save the changes: Ctrl+X then Y

BFD uses APF' cli insert feature
and as such will override any allow_hosts.rules entries users have in-place.
So be sure to add your trusted ip addresses to the ignore file to prevent
locking yourself out.

9. Run the program!
/usr/local/sbin/bfd -s

 

Thanks to RFX Networks for creating another great script for the community.

 

Similar Articles : Compile 2.6.7, 2.6.8, 2.6.8.1, 2.6.9, 2.6.10, 2.6.11.6 Kernel w/module-init-tools, Rkhunter Installation, Detect and Clean a hacked server T0rnkit Tutorial, How to install KISS Firewall, How to Disable Telnet, How to install mod_security for Apache, How to install BFD (Brute Force Detection), How to install APF (Advanced Policy Firewall), E-mail Alert on Root SSH Login, Mask Your Web Server for Enhanced Security, Guide to Chkrootkit - checking for intruders, Creating a Welcome message for SSH logins, Disable Direct Root Login, RootCheck - Root Check, Changing APF log for TDP/UDP drop's
   
 

Quick Links: Debian Dedicated Servers, Direct Deposit Hosting, Unmetered Dedicated Servers, Virtual Dedicated Servers, Windows Server Management, High Traffic Web Hosting - Load Balanced Clusters, Windows 2008 Server Virtual Dedicated Servers

© Copyright 2003-2008
Crucial Paradigm

ABN 97 125 618 662