[Feature Request] Block brute-force hacking attempts

Discuss newly added features or request new features.
Post Reply
FKuypers
Posts: 20
Joined: 04 Jun 2013, 04:55

[Feature Request] Block brute-force hacking attempts

Post by FKuypers » 04 Dec 2014, 22:29

Hi,

I just saw in my message log that someone it trying to break into my NZBGET machine. It would be great if we could have an option to prevent people from logging in after a certain number of failed login attempts:
Thu Dec 04 19:05:14 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:99admin11)
Thu Dec 04 19:05:15 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:SCOPIA100)
Thu Dec 04 19:05:17 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:TANDBERG)
Thu Dec 04 19:05:19 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:eLaStIx.2oo7)
Thu Dec 04 19:05:22 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:elastix456)
Thu Dec 04 19:05:23 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:epicrouter)
Thu Dec 04 19:05:23 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:passworm)
Thu Dec 04 19:05:24 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:scopia100)
Thu Dec 04 19:05:26 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:sesam)
Thu Dec 04 19:05:26 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:setup)
Thu Dec 04 19:05:27 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:system)
Thu Dec 04 19:05:27 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (antek:antek)
Thu Dec 04 19:05:28 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (asteriskuser:eLaStIx.asteriskuser.2oo7)
Thu Dec 04 19:05:29 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (comcast:1234)
Thu Dec 04 19:05:29 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (dlink:Taitell)
Thu Dec 04 19:05:30 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (draytek:1234)
Thu Dec 04 19:05:32 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (freePBX:fpbx)
Thu Dec 04 19:05:34 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (ipecs:2222)
Thu Dec 04 19:05:35 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (maint:admin)
Thu Dec 04 19:05:38 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (maint:passworm)
Thu Dec 04 19:05:38 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (manager:webpw)
Thu Dec 04 19:05:39 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (n/a:admin)
Thu Dec 04 19:05:44 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:)
Thu Dec 04 19:05:46 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:1111)
Thu Dec 04 19:05:49 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:1234)
Thu Dec 04 19:05:49 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:Cisco)
Thu Dec 04 19:05:51 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:admin)
Thu Dec 04 19:05:51 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:administrator)
Thu Dec 04 19:05:53 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:askozia)
Thu Dec 04 19:05:56 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:eLaStIx.2oo7)
Thu Dec 04 19:05:58 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:gohigh)
Thu Dec 04 19:06:00 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:mysecret)
Thu Dec 04 19:06:02 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:passs)
Thu Dec 04 19:06:05 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (sa:sa)
Thu Dec 04 19:06:14 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (teles:tcs-ag)
Thu Dec 04 19:06:15 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (termnal:root)
Thu Dec 04 19:06:16 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (test:test)
Thu Dec 04 19:06:16 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (voip:1234)
Thu Dec 04 19:06:17 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:secret)
Thu Dec 04 19:06:18 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:portal)
Thu Dec 04 19:06:25 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (rouser:default)
Thu Dec 04 19:06:27 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (nnguest:nnguest)
Thu Dec 04 19:06:29 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (monitor:monitor)
Thu Dec 04 19:06:30 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (superuser:superuser)
Thu Dec 04 19:06:31 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (user:welcome)
Thu Dec 04 19:06:36 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (:admin)
Thu Dec 04 19:06:36 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (:)
Thu Dec 04 19:06:37 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (administrator:administrator)
Thu Dec 04 19:06:38 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:slapshot)
Thu Dec 04 19:06:39 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:router)
Thu Dec 04 19:06:40 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (Polycom:456)
Thu Dec 04 19:06:41 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (POLYCOM:POLYCOM)
Thu Dec 04 19:06:48 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:mysecret)
Thu Dec 04 19:06:49 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:1234)
Thu Dec 04 19:06:51 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (:12345678)
Thu Dec 04 19:06:58 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:123)
Thu Dec 04 19:07:00 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:99admin11)
Thu Dec 04 19:07:00 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (tech:12345678)
Thu Dec 04 19:07:00 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (ADMIN1:0000)
Thu Dec 04 19:07:01 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (ADMIN2:9999)
Thu Dec 04 19:07:03 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:root)
Thu Dec 04 19:07:03 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (it5k:itpassw)
Thu Dec 04 19:07:04 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:samsung)
Thu Dec 04 19:07:05 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (user:user)
Thu Dec 04 19:07:06 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (Admin:Admin)
Thu Dec 04 19:07:10 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (antek:antek)
Thu Dec 04 19:07:13 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (super:super)
Thu Dec 04 19:07:17 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (user:1234)
Thu Dec 04 19:07:18 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (user:12345)
Thu Dec 04 19:07:19 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (user:123456)
Thu Dec 04 19:07:22 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:sesam)
Thu Dec 04 19:07:22 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (admin:banana)
Thu Dec 04 19:07:23 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (termnal:root)
Thu Dec 04 19:07:23 2014 WARNING Request received on port 81 from 62.210.205.155, but username or password invalid (root:gohigh)
Any chance this can be implemented...

Thanks,

Frank

vergessen
Posts: 23
Joined: 19 Feb 2014, 15:36

Re: [Feature Request] Block brute-force hacking attempts

Post by vergessen » 05 Dec 2014, 02:18

wouldn't it make more sense to move it behind a firewall to handle that or put it fully in defense mode and use a ssh tunnel or vpn to get onto the local network?

Uskdara
Posts: 4
Joined: 06 Jan 2015, 23:42

Re: [Feature Request] Block brute-force hacking attempts

Post by Uskdara » 06 Jan 2015, 23:44

The AuthorizedIP section should feature a prominent warning to users about the possible security risks of running a public-facing web server.

MrCorleone
Posts: 10
Joined: 05 Aug 2017, 17:35

Re: [Feature Request] Block brute-force hacking attempts

Post by MrCorleone » 05 Aug 2017, 17:38

I am in agreement with the idea of blocking brute-force attempts...

In the meantime, could someone help me with using FAIL2BAN and create a jail for NZBGet?

I understand how to create the jail, I am not sure how to setup the regex for the logs and log paths...

Post Reply

Who is online

Users browsing this forum: No registered users and 27 guests