Configuring login attack prevention
The login attack prevention feature detects a login DoS attack if a user fails the maximum number of successive login attempts. The feature triggers the blacklist feature to add the user's IP to the blacklist. Following login attempts from the user is blocked for the block period. For login attack prevention to take effect, you must enable the global blacklist feature.
This feature can effectively prevent login DoS attacks.
To configure login attack prevention:
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Enable login attack prevention. | attack-defense login enable | By default, login attack prevention is disabled. |
3. Set the maximum number of successive login failures. | attack-defense login max-attempt max-attempt | The default value is three. |
4. Set the block period during which a login attempt is blocked. | attack-defense login block-timeout minutes | The default value is 60 minutes. |
5. Enable the global blacklist feature. | blacklist global enable | By default, the global blacklist feature is disabled. |