|
|
Sponsored Content
Top Forums
Shell Programming and Scripting
Expect script that simulates a SSH brute force attack
Post 302913210 by Corona688 on Thursday 14th of August 2014 01:15:55 PM
08-14-2014
That sounds a lot better, yes. 
Surely you could modify it for what you liked.
I don't know much about expect myself unfortunately.
Perhaps this expect loop will be useful to you. Not the same problem, but shows loops.
Surely you could modify it for what you liked.I don't know much about expect myself unfortunately.
Perhaps this expect loop will be useful to you. Not the same problem, but shows loops.
Last edited by Corona688; 08-14-2014 at 02:24 PM..
This User Gave Thanks to Corona688 For This Post:
|
|
9 More Discussions You Might Find Interesting
1. UNIX for Advanced & Expert Users
Hi,
I'm trying find out if there is a way to stop a brute force attack on a Webmail site. I'm trying to setup a webmail access, but I would like to prevent too many invalid logins from the same IP.
I've looked into Snort, but I was wondering if there was an application level firewall that can... (1 Reply)
Discussion started by: nitin
1 Replies
2. UNIX for Advanced & Expert Users
Im currently experiancing a brute force attack on my server
Nov 26 15:27:04 ws096 saslauthd: do_auth : auth failure:
Nov 26 15:27:13 ws096 saslauthd: do_auth : auth failure:
Nov 26 15:27:22 ws096 saslauthd: do_auth : auth failure:
Nov 26 15:27:29 ws096... (4 Replies)
Discussion started by: mcraul
4 Replies
3. Shell Programming and Scripting
Guys,
I know this is tricky.. I'm trying to write a script to pull info from a MMI device.
Following script logins into the server and then changes to super user. Opens MMI session and then exits out. I need to run the command under the MMI session "dsp_alarm_span all" Is there any other way to... (2 Replies)
Discussion started by: miltonrods
2 Replies
4. Shell Programming and Scripting
Ok, i don't know if anyone else here have had to deal with something like this before, but here's my situation.
I have about 1000+ servers I need to log into to do something.
What i need to do is to log into each server, go to a certain directory on each of the servers, copy the files that... (3 Replies)
Discussion started by: SkySmart
3 Replies
5. Shell Programming and Scripting
How would I write an expect script to automate ssh and what file extention do expect files use? (11 Replies)
Discussion started by: Prodiga1
11 Replies
6. Shell Programming and Scripting
Hi all,
I want to connect to some host with "ssh". I have googled and got some commands of "expect" and "spawn". I was not aware of these commands and tried below script.
$ cat auto.sh
set host xx.xx.xx.xx
set password abcd@1234
set user root
spawn ssh $user@$host
expect "*?assword:*"... (4 Replies)
Discussion started by: divya bandipotu
4 Replies
7. Shell Programming and Scripting
How can I pass password in SSH command without using expect in a shell program.
I don't have expect installed on my Solaris server.
#!/bin/bash
ssh user@hotname (how to supply pass in script?:wall:)
Experts please help its very urgent.
Shrawan Kumar Sahu (4 Replies)
Discussion started by: ss135r
4 Replies
8. Cybersecurity
How to protect DDoS and brute force attack.
I want to secure my server and block attacker. (1 Reply)
Discussion started by: romanepo
1 Replies
9. Shell Programming and Scripting
Dear All,
I have a requirement where I have to SFTP or SCP a file in a batch script. Unfortunately, the destination server setup is such that it doesn't allow for shell command line login. So, I am not able to set up SSH keys. My source server is having issues with Expect. So, unable to use... (5 Replies)
Discussion started by: ss112233
5 Replies
LEARN ABOUT CENTOS
fail2ban
FAIL2BAN(1) General Commands Manual FAIL2BAN(1) NAME
fail2ban - a set of server and client programs to limit brute force authentication attempts. DESCRIPTION
Fail2Ban consists of a client, server and configuration files to limit brute force authentication attempts. The server program fail2ban-server is responsible for monitoring log files and issuing ban/unban commands. It gets configured through a simple protocol by fail2ban-client, which can also read configuration files and issue corresponding configuration commands to the server. For details on the configuration of fail2ban see the jail.conf(5) manual page. A jail (as specified in jail.conf) couples filters and actions definitions for any given list of files to get monitored. For details on the command-line options of fail2ban-server see the fail2ban-server(1) manual page. For details on the command-line options and commands for configuring the server via fail2ban-client see the fail2ban-client(1) manual page. For testing regular expressions specified in a filter using the fail2ban-regex program may be of use and its manual page is fail2ban- regex(1). LIMITATION
Fail2Ban is able to reduce the rate of incorrect authentications attempts however it cannot eliminate the risk that weak authentication presents. Configure services to use only two factor or public/private authentication mechanisms if you really want to protect services. A local user is able to inject messages into syslog and using a Fail2Ban jail that reads from syslog, they can effectively trigger a DoS attack against any IP. Know this risk and configure Fail2Ban/grant shell access accordingly. FILES
/etc/fail2ban/* AUTHOR
Manual page written by Daniel Black and Yaroslav Halchenko REPORTING BUGS
Report bugs to https://github.com/fail2ban/fail2ban/issues COPYRIGHT
Copyright (C) 2013 Copyright of modifications held by their respective authors. Licensed under the GNU General Public License v2 (GPL). SEE ALSO
fail2ban-server(1) fail2ban-client(1) fail2ban-regex(1) jail.conf(5) Fail2Ban March 2013 FAIL2BAN(1)