Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Feature Request - Auto Blocklist

See original GitHub issue

Regarding #223, might be worthwhile to setup a rate limiting scheme that will block an IP after X failed login attempts in under Y minutes for Z minutes long…

Example: 5 failed logins under 5 minutes, block the IP for 60 minutes, or until system restarts.

IE: in-memory solution to reduce complexity.

// on connect, all protocols
  // check block-list for IP
  // if found, check for staleness
    // if stale, remove, continue
    // if active drop connection, use appropriate error code?

// upon failed login attempt
  // check failed logins list for IP, or add array to list
  // remove stale/older than Y entries.
  // add current entry
  // if more than X entries, add IP to block-list

Issue Analytics

State:
Created 5 years ago
Comments:10 (9 by maintainers)

Top GitHub Comments

2reactions

paulchabotcacommented, Dec 27, 2018

I was about to re-setup an ENiGMA system. I can write down my process into a rough how to. If I will look at the logs as well to see about creating some enigma regex’s for fail2ban if needed. Honestly, I agree with @NuSkooler in that fail2ban exists… it’s amazing, no need to re-invent the wheel.

1reaction

NuSkoolercommented, Dec 28, 2018

@SemperFu There appear to be many alternatives to fail2ban for Windows such as IPBan. Attempting to block IP’s at the application layer is really nothing more than a gimmick.

Failed login attempts already disconnect, lock the account, etc. (#'s configurable)