I want to restrict user logins as a result of brute force attacks.
Currently I can find a list of users quite easily with metasploit, which means I could easily start trying to access the CIFS shares by just trying combinations until I find a password that works.
FreeBSD allows me to put a delay into the login on failed attempts, and a lockout after a number of failed attempts, but my attempts to add these settings are currently being reset when FreeNAS is rebooted and in any case don't seem to be having any effect.
I have not found any provision in Samba to add these features.
Can someone either point me at the right thread or tell me the right question to ask. I'm not getting very far at the moment.
Thanks
Currently I can find a list of users quite easily with metasploit, which means I could easily start trying to access the CIFS shares by just trying combinations until I find a password that works.
FreeBSD allows me to put a delay into the login on failed attempts, and a lockout after a number of failed attempts, but my attempts to add these settings are currently being reset when FreeNAS is rebooted and in any case don't seem to be having any effect.
I have not found any provision in Samba to add these features.
Can someone either point me at the right thread or tell me the right question to ask. I'm not getting very far at the moment.
Thanks
