I think someone may read this and try and tell me that it's open source and I should try it myself. Sorry, I don't have the required level of coding expert to do this. This could possibly end up being a feature request?
Is it possible to configure SoftEther so if there are a user configured number of attempts to authenticate over a user configured period of time then when that connection failure attempt threshold is reached, the SoftEther server blacklists the IP address and then the SoftEther VPN administrator would have to either have to manually clear it from the last list or make an exception.
Possibly to allow IP addresses that have been auto-blacklisted to self-remove from the blacklist after a user specified period of time?
Auto black-listing IP addresses based on number of connection attempts. Is it possible.
-
- Posts: 19
- Joined: Mon Sep 16, 2019 7:34 pm
-
- Posts: 22
- Joined: Fri Mar 13, 2020 11:33 pm
Re: Auto black-listing IP addresses based on number of connection attempts. Is it possible.
What OS are you running the server on? There is a tool called Fail2Ban that can be run on Linux and here is a configuration file you can use for it. I've never used this, however:MyronSz wrote: ↑Mon Mar 16, 2020 2:37 pmI think someone may read this and try and tell me that it's open source and I should try it myself. Sorry, I don't have the required level of coding expert to do this. This could possibly end up being a feature request?
Is it possible to configure SoftEther so if there are a user configured number of attempts to authenticate over a user configured period of time then when that connection failure attempt threshold is reached, the SoftEther server blacklists the IP address and then the SoftEther VPN administrator would have to either have to manually clear it from the last list or make an exception.
Possibly to allow IP addresses that have been auto-blacklisted to self-remove from the blacklist after a user specified period of time?
https://gist.github.com/Erutan409/c4d2d ... fdfad3db20
-
- Posts: 22
- Joined: Fri Mar 13, 2020 11:33 pm
Re: Auto black-listing IP addresses based on number of connection attempts. Is it possible.
As I replied, I thought about writing one for Powershell, but someone has already done it:ddunston wrote: ↑Mon Mar 16, 2020 3:52 pmWhat OS are you running the server on? There is a tool called Fail2Ban that can be run on Linux and here is a configuration file you can use for it. I've never used this, however:MyronSz wrote: ↑Mon Mar 16, 2020 2:37 pmI think someone may read this and try and tell me that it's open source and I should try it myself. Sorry, I don't have the required level of coding expert to do this. This could possibly end up being a feature request?
Is it possible to configure SoftEther so if there are a user configured number of attempts to authenticate over a user configured period of time then when that connection failure attempt threshold is reached, the SoftEther server blacklists the IP address and then the SoftEther VPN administrator would have to either have to manually clear it from the last list or make an exception.
Possibly to allow IP addresses that have been auto-blacklisted to self-remove from the blacklist after a user specified period of time?
https://gist.github.com/Erutan409/c4d2d ... fdfad3db20
https://github.com/glasnt/wail2ban
-
- Posts: 19
- Joined: Mon Sep 16, 2019 7:34 pm
Re: Auto black-listing IP addresses based on number of connection attempts. Is it possible.
Sorry for late reply and Thank-you for this information. I have the primary SoftEther VPN service running on Debian Linux and I have a back-up that I can bring up that's on a Windows 10 laptop I can wake-up remotely from hibernation.ddunston wrote: ↑Mon Mar 16, 2020 3:52 pmWhat OS are you running the server on? There is a tool called Fail2Ban that can be run on Linux and here is a configuration file you can use for it. I've never used this, however:MyronSz wrote: ↑Mon Mar 16, 2020 2:37 pmI think someone may read this and try and tell me that it's open source and I should try it myself. Sorry, I don't have the required level of coding expert to do this. This could possibly end up being a feature request?
Is it possible to configure SoftEther so if there are a user configured number of attempts to authenticate over a user configured period of time then when that connection failure attempt threshold is reached, the SoftEther server blacklists the IP address and then the SoftEther VPN administrator would have to either have to manually clear it from the last list or make an exception.
Possibly to allow IP addresses that have been auto-blacklisted to self-remove from the blacklist after a user specified period of time?
https://gist.github.com/Erutan409/c4d2d ... fdfad3db20