DictDefence

Python program that is able to stop dictionary attacks of all sorts

DictDefence Ranking & Summary

  • License: GPL
  • Price: FREE
  • Publisher Name: Jason Deiman
  • Publisher web site: http://stuffivelearned.org/doku.php?id=programming:python:dictdefence
  • Operating Systems: Mac OS X
  • File Size: 40 KB

DictDefence Description

DictDefence is a program written in Python to stop dictionary attacks of all sorts. It is based on the idea behind the Script Kiddie Defence Script, but is a much larger, more extensible project.

The basic idea behind DictDefence is the automated blocking of script kiddies who run dictionary-based attacks on your servers. Every system administrator out there has definitely seen the lines in their logs that form a long listing of some IP trying to log in with a ton of different usernames. That is where DictDefence steps in. DictDefence monitors log files or, even better, a FIFO, and logs invalid accesses based upon Perl Compatible Regular Expressions (PCREs). Once an IP goes over your defined threshold, that IP is banned using one of (currently) 3 different means, instantly stopping the dictionary attack. This is designed to work on *nix systems only.

Backends:

  • MySQL - The ubiquitous database. Widespread availability and about a zillion tools for using it.
  • SQLite - Small, simple, portable and easy to use. This is the default database to be used with DictDefence. NOTE: You can't use this with FreeBSD (see the warning below)

Blocking Methods:

  • Null Routing - Simple and available on everything. DictDefence simply routes the bad IP to 127.0.0.1.
  • PF - The Berkeley Packet Filter. Originally for OpenBSD, but is now available on most of the BSD distros. My personal weapon of choice.
  • IPTables - If you are running a Linux distribution, chances are you have this running and ready to go.

Readers:

  • You can read from as many files simultaneously as you would like. Preferably, attach to a FIFO (named pipe) and let DictDefence hum away forever. It also has the ability to read from regular log files and will attach to the new files upon log rotation (similar to tail -F).

What's New in This Release:

  • Fixed an issue where multiple emails and database entries could occur on a permanent ban.
