{"id":8674,"date":"2016-03-16T21:50:06","date_gmt":"2016-03-17T00:50:06","guid":{"rendered":"http:\/\/www.ethicalhacker.com.br\/site\/?p=8674"},"modified":"2022-04-24T12:47:33","modified_gmt":"2022-04-24T15:47:33","slug":"fail2ban-ataque-de-dicionario-no-ssh","status":"publish","type":"post","link":"https:\/\/www.ethicalhacker.com.br\/site\/2016\/03\/exploits\/fail2ban-ataque-de-dicionario-no-ssh\/","title":{"rendered":"Fail2ban - Dictionary Attack on SSH"},"content":{"rendered":"<p style=\"text-align: justify;\">Fail2ban bans IPs that show certain malicious signs, such as many password authentication attempts (BRUTE FORCE &#8211; DICTIONARY ATTACK). Fail2Ban is generally used to reject IP addresses for a set period of time, and it works with different types of filters for various services, such as Apache, ssh, etc.<\/p>\n<p style=\"text-align: justify;\">Fail2Ban can reduce the rate of incorrect authentication attempts; however, it cannot eliminate the risk posed by weak authentication (PASSWORDS).<\/p>\n<p style=\"text-align: justify;\">A short video using Fail2ban as protection against a dictionary attack (BRUTEFORCE) on SSH.<\/p>\n<p style=\"text-align: justify;\"><strong><span style=\"color: #ff0000;\">IMPORTANT NOTICE<\/span><br \/>\n<\/strong><\/p>\n<p style=\"text-align: justify;\">Use the tool only for professional purposes and ethically: \u201cbreaking into computers is a crime\u201d!<\/p>\n<p>&nbsp;<\/p>\n<p style=\"text-align: center;\"><iframe loading=\"lazy\" src=\"https:\/\/www.youtube.com\/embed\/hsVHs6mLmkc\" title=\"YouTube video player\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture\" allowfullscreen=\"\" width=\"640\" height=\"360\" frameborder=\"0\"><\/iframe><\/p>\n<p>&nbsp;<\/p>\n<p>A big hug to everyone!!!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Fail2ban bans IPs that show certain malicious signs, such as many password authentication attempts (BRUTE FORCE &#8211; DICTIONARY ATTACK). Fail2Ban is generally used to reject IP addresses for a set period of time, and it works with different types of filters for various services, such as Apache, ssh, etc. Fail2Ban can [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":8677,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[89,100,21],"tags":[],"class_list":["post-8674","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-basico","category-diversos","category-exploits"],"_links":{"self":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/8674","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/comments?post=8674"}],"version-history":[{"count":24,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/8674\/revisions"}],"predecessor-version":[{"id":19323,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/posts\/8674\/revisions\/19323"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media\/8677"}],"wp:attachment":[{"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/media?parent=8674"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/categories?post=8674"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ethicalhacker.com.br\/site\/wp-json\/wp\/v2\/tags?post=8674"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}