Auto black-listing IP addresses based on number of connection attempts. Is it possible.

Post your questions about SoftEther VPN software here. Please answer questions if you can afford.
Post Reply
MyronSz
Posts: 18
Joined: Mon Sep 16, 2019 7:34 pm

Auto black-listing IP addresses based on number of connection attempts. Is it possible.

Post by MyronSz » Mon Mar 16, 2020 2:37 pm

I think someone may read this and try and tell me that it's open source and I should try it myself. Sorry, I don't have the required level of coding expert to do this. This could possibly end up being a feature request?

Is it possible to configure SoftEther so if there are a user configured number of attempts to authenticate over a user configured period of time then when that connection failure attempt threshold is reached, the SoftEther server blacklists the IP address and then the SoftEther VPN administrator would have to either have to manually clear it from the last list or make an exception.

Possibly to allow IP addresses that have been auto-blacklisted to self-remove from the blacklist after a user specified period of time?

ddunston
Posts: 22
Joined: Fri Mar 13, 2020 11:33 pm

Re: Auto black-listing IP addresses based on number of connection attempts. Is it possible.

Post by ddunston » Mon Mar 16, 2020 3:52 pm

MyronSz wrote:
Mon Mar 16, 2020 2:37 pm
I think someone may read this and try and tell me that it's open source and I should try it myself. Sorry, I don't have the required level of coding expert to do this. This could possibly end up being a feature request?

Is it possible to configure SoftEther so if there are a user configured number of attempts to authenticate over a user configured period of time then when that connection failure attempt threshold is reached, the SoftEther server blacklists the IP address and then the SoftEther VPN administrator would have to either have to manually clear it from the last list or make an exception.

Possibly to allow IP addresses that have been auto-blacklisted to self-remove from the blacklist after a user specified period of time?
What OS are you running the server on? There is a tool called Fail2Ban that can be run on Linux and here is a configuration file you can use for it. I've never used this, however:

https://gist.github.com/Erutan409/c4d2d ... fdfad3db20

ddunston
Posts: 22
Joined: Fri Mar 13, 2020 11:33 pm

Re: Auto black-listing IP addresses based on number of connection attempts. Is it possible.

Post by ddunston » Mon Mar 16, 2020 3:54 pm

ddunston wrote:
Mon Mar 16, 2020 3:52 pm
MyronSz wrote:
Mon Mar 16, 2020 2:37 pm
I think someone may read this and try and tell me that it's open source and I should try it myself. Sorry, I don't have the required level of coding expert to do this. This could possibly end up being a feature request?

Is it possible to configure SoftEther so if there are a user configured number of attempts to authenticate over a user configured period of time then when that connection failure attempt threshold is reached, the SoftEther server blacklists the IP address and then the SoftEther VPN administrator would have to either have to manually clear it from the last list or make an exception.

Possibly to allow IP addresses that have been auto-blacklisted to self-remove from the blacklist after a user specified period of time?
What OS are you running the server on? There is a tool called Fail2Ban that can be run on Linux and here is a configuration file you can use for it. I've never used this, however:

https://gist.github.com/Erutan409/c4d2d ... fdfad3db20
As I replied, I thought about writing one for Powershell, but someone has already done it:

https://github.com/glasnt/wail2ban

MyronSz
Posts: 18
Joined: Mon Sep 16, 2019 7:34 pm

Re: Auto black-listing IP addresses based on number of connection attempts. Is it possible.

Post by MyronSz » Wed Mar 18, 2020 7:23 am

ddunston wrote:
Mon Mar 16, 2020 3:52 pm
MyronSz wrote:
Mon Mar 16, 2020 2:37 pm
I think someone may read this and try and tell me that it's open source and I should try it myself. Sorry, I don't have the required level of coding expert to do this. This could possibly end up being a feature request?

Is it possible to configure SoftEther so if there are a user configured number of attempts to authenticate over a user configured period of time then when that connection failure attempt threshold is reached, the SoftEther server blacklists the IP address and then the SoftEther VPN administrator would have to either have to manually clear it from the last list or make an exception.

Possibly to allow IP addresses that have been auto-blacklisted to self-remove from the blacklist after a user specified period of time?
What OS are you running the server on? There is a tool called Fail2Ban that can be run on Linux and here is a configuration file you can use for it. I've never used this, however:

https://gist.github.com/Erutan409/c4d2d ... fdfad3db20
Sorry for late reply and Thank-you for this information. I have the primary SoftEther VPN service running on Debian Linux and I have a back-up that I can bring up that's on a Windows 10 laptop I can wake-up remotely from hibernation.

Post Reply