Two security questions / ideas I wanted to bring for discussion.
Is it possible to disable admin login completely, or at least lock down the IP addresses to private network IP only as permitted for admin login?
I would also like to protect Subsonic against brute force attacks. I suppose that if failed logins were logged to a file, we could implement integration to RFXN's Brute Force Detect + Advanced Policy Firewall, or even ConfigServer Firewall. Both APF and CSF are powerful front ends for iptables functionality, generally built into modern linux kernels.
RFXN's Brute Force Detect / BFD
RFXN's Advanced Policy Firewall / APF
ConfigServer's ConfigServer Firewall / CSF
Brute Force Detection and or disabling Admin direct login
Moderator: moderators
2 posts
• Page 1 of 1
Brute Force Detection and or disabling Admin direct login
by Tanner Williamson » Thu Mar 17, 2011 2:10 am
Tanner Williamson https://www.tannerwilliamson.com/
- Tanner Williamson
- Posts: 51
- Joined: Mon Dec 14, 2009 7:30 am
by GJ51 » Thu Mar 17, 2011 6:30 am
That's not possible at this time as far as I know. I just use a complex password, such as, xg3uRdOv1L3k and trust that nobody's really interested enough in wasting the time it would take to crack it just to hear some music.
Even when I had links to my sites posted as part of my signature here on the forums, I never had any problems with unauthorized intrusions.
Even when I had links to my sites posted as part of my signature here on the forums, I never had any problems with unauthorized intrusions.
Gary J
http://bios-mods.com
http://www.maplegrovepartners.com
http://theaverageguy.tv/category/tagpodcasts/cyberfrontiers/
http://bios-mods.com
http://www.maplegrovepartners.com
http://theaverageguy.tv/category/tagpodcasts/cyberfrontiers/
-
GJ51 - Posts: 3492
- Joined: Wed Oct 20, 2010 11:58 pm
- Location: Western New York
2 posts
• Page 1 of 1
Who is online
Users browsing this forum: No registered users and 28 guests