What is Brute Force Attack? and How to Prevent Brute Force Attacks?


Brute force attacks are very basic. Contrary to what one might think, it has become very easy to carry out this type of attack using simple tools such as Fireforce, Cain & Abel and John the Ripper.

How does a brute force attack work, and how do you protect against it?

The principle of the attack is to try repeatedly to find the password of an application by testing every possible combination of characters until the password is discovered.

A brute force attack can also be carried out with a dictionary, on the same principle: the candidates are drawn from a list that contains every likely value of a password. This is why you should always avoid using dictionary words in your passwords.

This attack exploits the fact that the web server handles each HTTP request independently of the others. To defend yourself, you first have to identify the attacker, then hinder and slow down his attack.

1. Identify the attacker

The usual way to identify the attacker is to mark him by giving him a cookie, or to use his IP address. Unfortunately, these two techniques are no longer sufficient on their own, because the attacker can change his IP address by using a proxy or simply by rebooting his modem.

Block the IP address of the attacker

If you notice that an IP address is making an extreme number of bad login attempts, configure your Apache server to block that address. Apache provides directives to deny access to such addresses inside the <Directory>, <Files> and <Location> sections; you can also match on the User-Agent or on other information in the HTTP headers.

To deny access to a single IP address, write deny from followed by that address.

Or, to block every IP address beginning with 10.1, give only the leading octets: deny from 10.1

This is the most effective way to block a user remotely, because the block is applied by the web server that handles the HTTP requests, before your application code even runs.
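The directives above, put together into a section that protects only the login page. This is an added example, not configuration from the original article: the path /login.php and the addresses 203.0.113.45 and 10.1 are placeholders. The deny from syntax in the text belongs to Apache 2.2 (on Apache 2.4 it needs mod_access_compat); the equivalent Apache 2.4 form with Require not ip is shown commented out.

```apacheconf
# Added example: block known attacking addresses on the login page only,
# so the rest of the site is unaffected. Addresses are placeholders.
<Location "/login.php">
    # Apache 2.2 syntax (works on 2.4 only with mod_access_compat loaded).
    Order allow,deny
    Allow from all
    # A single attacking address:
    Deny from 203.0.113.45
    # Every address whose first two octets are 10.1:
    Deny from 10.1

    # Apache 2.4 syntax (mod_authz_core + mod_authz_host). Uncomment this
    # block and remove the Order/Allow/Deny lines above when on 2.4:
    # <RequireAll>
    #     Require all granted
    #     Require not ip 203.0.113.45
    #     Require not ip 10.1
    # </RequireAll>
</Location>
```

Run apachectl configtest after editing and reload the server; a blocked client receives a 403 from Apache itself, so the request never reaches the PHP login script. Since the text itself notes that the attacker can change his address, treat the list as a short-term measure and remove entries once the attempts stop.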

Block the attacker with the Cookie

If an attacker has made ten attempts, we create a cookie that lets us mark him when he comes back to the site. This cookie should block him for X minutes. It is a small, simple protection that will save you from some difficult situations.

The script is as follows:

<?php

// Read the attempt counter from the cookie; it is absent on the first visit.
$counter = isset($_COOKIE['counter']) ? (int) $_COOKIE['counter'] : 0;

// After ten attempts, hide the page from this client.
if ($counter > 10) {

    header("HTTP/1.0 404 Not Found");

    die();

}

// Otherwise count this attempt; the cookie lives for one hour (3600 s).
setcookie('counter', $counter + 1, time() + 3600);


Sure, the script is basic, but it is terribly effective against this type of attack!

What I can say is that a brute force attack is more likely to fail the faster you react. To make the hackers' work harder, you can also add a timer as an extra layer of protection.

2. Delay

Delaying is a complementary technique that consists of not allowing more than two attempts in a row within n seconds, in other words forcing a pause between consecutive attempts. Your visitors will notice no change if you take a 2-second margin, while a robot that has to submit hundreds of attempts per second will be held back. You thereby reduce the speed of the attack.

To add the delay, PHP provides the functions sleep() and usleep().

The function sleep() takes its argument in seconds and usleep() in microseconds.

Here is an example:

sleep(1);        // pause for one second

usleep(1000000); // pause for one second (1,000,000 microseconds)
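The cookie marker from the earlier script and the sleep() delay from this section, combined into one login handler. This is an added example, not code from the original article. It also keeps a server-side failure count per IP address, because a client that deletes the cookie would otherwise reset the counter; the text itself notes that the cookie alone is not sufficient. Assumptions: the file is included at the top of the login script, the user table is constructed inline for the demonstration, and the file-based counter store in the system temp directory stands in for whatever storage the site already has.

```php
<?php
// Added example (not from the original article): cookie marker + per-IP
// server-side counter + fixed delay, applied to a login form.

const MAX_ATTEMPTS  = 10;   // failures before the client is blocked
const BLOCK_SECONDS = 900;  // the "X minutes" of the text: 15 minutes here
const DELAY_SECONDS = 2;    // the 2-second margin from the text

// Constructed sample user table; the hash is created at runtime so the
// example runs anywhere. A real site reads the hash from its database.
function check_credentials(string $user, string $pass): bool {
    static $users = null;
    if ($users === null) {
        $users = ['alice' => password_hash('correct horse battery', PASSWORD_DEFAULT)];
    }
    // Verify against a dummy hash when the user is unknown, so the response
    // time does not reveal whether the username exists.
    $hash = $users[$user] ?? password_hash('dummy', PASSWORD_DEFAULT);
    return isset($users[$user]) && password_verify($pass, $hash);
}

// One small file per client IP holds its recent failure count.
function attempt_file(string $ip): string {
    return sys_get_temp_dir() . '/login_fail_' . md5($ip);
}

// Failures recorded for this IP within the block window (0 if none or expired).
function failures_for(string $ip): int {
    $file = attempt_file($ip);
    if (!is_file($file) || filemtime($file) < time() - BLOCK_SECONDS) {
        return 0;
    }
    return (int) file_get_contents($file);
}

function record_failure(string $ip): void {
    file_put_contents(attempt_file($ip), (string) (failures_for($ip) + 1), LOCK_EX);
}

function clear_failures(string $ip): void {
    if (is_file(attempt_file($ip))) {
        unlink(attempt_file($ip));
    }
}

$ip      = $_SERVER['REMOTE_ADDR'] ?? '0.0.0.0';
$cookied = (int) ($_COOKIE['counter'] ?? 0);   // the article's client-side marker
$server  = failures_for($ip);                  // survives deletion of the cookie

// Blocked either way: the article hides the form with a 404.
if ($cookied >= MAX_ATTEMPTS || $server >= MAX_ATTEMPTS) {
    header('HTTP/1.0 404 Not Found');
    exit;
}

if (($_SERVER['REQUEST_METHOD'] ?? 'GET') === 'POST') {
    // Pause on every attempt: invisible to a person, costly to a robot.
    sleep(DELAY_SECONDS);

    if (check_credentials($_POST['user'] ?? '', $_POST['pass'] ?? '')) {
        clear_failures($ip);
        setcookie('counter', '0', time() - 3600);   // expire the marker
        echo 'Welcome';                             // continue to the site here
    } else {
        record_failure($ip);
        setcookie('counter', (string) ($cookied + 1), time() + BLOCK_SECONDS);
        // Same message for a wrong user and a wrong password: reveal nothing.
        echo 'Invalid credentials';
    }
}
```

Two points worth knowing before copying this. First, sleep() holds a PHP worker for the whole pause, so a large distributed attack can turn the delay into a way of exhausting your worker pool; keep the delay short and pair it with the Apache-level blocking described earlier. Second, the per-IP counter has the weakness the text already mentions for IP addresses: many legitimate users behind one proxy share an address, so choose MAX_ATTEMPTS and BLOCK_SECONDS with that in mind.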