2.
Now enter:
•
Name: HTTPLogin
•
Authentication Agent: HTTP
•
Authentication Source: Local
•
Interface: lan
•
Originator IP: lannet
3.
For Local User DB choose lan_users
4.
For Login Type choose HTML form
5.
Click OK
C. Set up an IP rule to allow authenticated users to browse the Web.
1.
Go to: Policies > Firewalling > Main IP Rules > Add > IP Rule
2.
Now enter:
•
Name: allow_http_auth
•
Action: NAT
•
Service: http-all
•
Source Interface: lan
•
Source Network: lan_users_net
•
Destination Interface any
•
Destination Network all-nets
3.
Click OK
8.2.8. Brute Force Protection
Overview
By default, NetDefendOS applies brute force protection to any authentication which involves the
validation of username/password credentials against a local user database (a database defined
within NetDefendOS and not an external database). This means that a management login via the
Web Interface or SSH is also protected by this feature.
This feature cannot be turned off by the administrator, nor are there any properties which can be
adjusted for this mechanism. However, the administrator does have methods available to
monitor the activity of the feature and that can allow them to see if such attacks are taking place
or have taken place
Protecting Against Brute Force Attacks
630
Chapter 8: User Authentication