DaemonForums  

25th June 2011
Dr-D
Brute force attacks

I have a question regarding brute force attacks on PCs behind my OpenBSD firewall, but after thinking about it I think I've answered my own question. But I'll ask just to verify.

My question was this:
Can brute force VNC attacks be handled like SSH? I have an OpenBSD firewall with port forwarding to two Windows boxes. I'm the only one who should ever be connecting to these systems from wherever in the world I happen to be, so what I would like to do is give myself two attempts to connect, just in case caps lock is on or there is a typo on the first attempt. If the second attempt fails, then it should completely ignore/block any more attempts for the next five minutes, or however long I wish for it to wait, then allow me to try again after that amount of time has elapsed. Is this possible?

Answer to my own question:
No, this isn't possible because the OpenBSD firewall is simply forwarding the connection to the appropriate PC behind the firewall and it is therefore the responsibility of the Windows PC accepting the connection to enforce such a rule set.

Did I ask and answer my own question correctly? Below is a copy of my pf.conf file in case it has any relevance.

#######################
# pf.conf
# macros
int_if="xl0"
ext_if="xl1"
whs="192.168.0.50"
pc1="192.168.0.20"
pc2="192.168.0.21"

# options
set block-policy drop
set loginterface $ext_if
set skip on lo

# match rules
match in all scrub (no-df)
match out on egress inet from !(egress) to any nat-to (egress:0)

# filter rules
block in log
pass out quick
antispoof quick for { lo $int_if }
pass in on egress inet proto tcp to (egress) port 443 rdr-to $whs synproxy state
pass in on egress inet proto tcp to (egress) port 5900 rdr-to $pc1 synproxy state
pass in on egress inet proto tcp to (egress) port 5901 rdr-to $pc2 synproxy state
pass in log on $int_if
#######################
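For reference, pf's stateful tracking options can rate-limit new connections per source address on rdr-to rules, the same mechanism commonly used for SSH; pf counts TCP connections, not failed VNC logins, so successful reconnects count against the limit too. The fragment below is an added example, not part of the original post; the table name <vnc_abuse> and the 2-per-300-seconds limit are assumptions chosen to match the goal stated in the post.

```pf
# Added example: replaces the two VNC rdr-to rules in the posted pf.conf.
# <vnc_abuse> and the 2/300 limit are assumptions, not values from the post.

# Before (as posted): unlimited connection attempts per source address
#   pass in on egress inet proto tcp to (egress) port 5900 rdr-to $pc1 synproxy state
#   pass in on egress inet proto tcp to (egress) port 5901 rdr-to $pc2 synproxy state

# Sources that exceed the limit are added to this table by the overload action.
table <vnc_abuse> persist

# Place after "block in log" and before the pass rules below.
# "quick" stops rule evaluation, so a listed source never reaches the pass rules.
block in quick on egress from <vnc_abuse>

# After: each source may complete at most 2 TCP handshakes per 300 seconds
# on each rule. The next connection inside that window puts the source into
# <vnc_abuse>, and "flush global" also kills the states it already holds.
pass in on egress inet proto tcp to (egress) port 5900 rdr-to $pc1 \
    synproxy state (max-src-conn-rate 2/300, overload <vnc_abuse> flush global)
pass in on egress inet proto tcp to (egress) port 5901 rdr-to $pc2 \
    synproxy state (max-src-conn-rate 2/300, overload <vnc_abuse> flush global)
```

Table entries do not expire on their own; running `pfctl -t vnc_abuse -T expire 300` periodically from cron removes addresses that were added more than 300 seconds ago.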
 
