VPS Hosting KNOWLEDGEBASE
1page_img1
How to install BFD (Brute Force Detection)

This guide will show you how to install and configure BFD to protect your system from brute force hack attempts.


Requirements: 

- You MUST have APF Firewall before installing BFD - it works with APF and requires some APF files to operate.

- Root SSH access to your server


Updated: April 13, 2005


Lets begin!

Login to your server through SSH and su to the root user.


1. cd /root/downloads or another temporary folder where you store your files.


2. wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz


3. tar -xvzf bfd-current.tar.gz


4. cd bfd-0.7


5. Run the install file: ./install.sh

You will receive a message saying it has been installed


.: BFD installed

Install path:    /usr/local/bfd

Config path:     /usr/local/bfd/conf.bfd

Executable path: /usr/local/sbin/bfd


6. Lets edit the configuration file: pico /usr/local/bfd/conf.bfd


7. Enable brute force hack attempt alerts:

Find: ALERT_USR="0"   CHANGE TO: ALERT_USR="1"    


Find: EMAIL_USR="root" CHANGE TO: EMAIL_USR="[email protected]


Save the changes: Ctrl+X then Y


8. Prevent locking yourself out!

pico -w /usr/local/bfd/ignore.hosts and add your own trusted IPs

Eg: 192.168.1.1


Save the changes: Ctrl+X then Y


BFD uses APF' cli insert feature

and as such will override any allow_hosts.rules entries users have in-place.

So be sure to add your trusted ip addresses to the ignore file to prevent

locking yourself out.


9. Run the program!

/usr/local/sbin/bfd -s


10. Customize your applicatoins brute force configuration

Check out the rules directory in your /usr/local/bfd


Here you'll find all kinds of pre-made rules for popular services such as Apache, and ProFTPD w00t!

If you have any clue about shell scripting you can customize them or create new rules for enhanced brute force detection and prevent attacks.

Customer Feedback...

1page_img1
Mark Rightson...
"This is by far the best service I have ever seen from a server hosting provider. Their virtual servers are no different than the dedicated server I moved from and they managed to import my dedicated server.. like magic! Thanks guys for the excellent service"
1page_img1
Bill Meyer...
"I got my first VMware server from vps-hosting.ca and I have to say I was very impressed. I realize I was wasting money on my dedicated server as these virtuals seem to perform extremely well. Also I really didn't expect to have the server up and running in 3 minutes which was great"