I came up with the idea to create a class that will help you protect your server from brute force hackers. Chances aren't very big this will happen to you, but still, a good server should be prepared.
Well this release includes the base for it.
Explanation:
When a wrong password is entered, a new Entry is created, and added to a dictionary, every time a wrong password is entered, this entry will be updated and the TimesTried integer will increase by 1. When this integer reaches a maximum, which is integer MaxTrials in the Bruteforce class, the IP will be banned for 15 minutes.
Usage:
In the Main void (Load function) add Bruteforce.Start();
In your packet processor, check if the IP is banned, and also when a wrong password is used, so when the wrong password packet it sent, make sure it adds a trial for the IP connected.
Credits:
- InfamousNoone, I studied his sources before I made this, and I have a strong memory, so it did influence me for sure.
Code:
using System; using System.Collections.Generic; using System.Linq; using System.Threading; namespace AuthServer.Protection { /// <summary> /// Bruteforce Entry which holds all necessary information. /// </summary> public class BruteforceEntry { public string IPAddress; public int TimesTried; public DateTime Unbantime; public DateTime AddedTimeRemove; } public static class Bruteforce { public static int MaxTrials; public static IDictionary<string, BruteforceEntry> Entries = new Dictionary<string, BruteforceEntry>(); private static readonly ThreadStart ThreadStart = ThreadExecute; private static void ThreadExecute() { while (true) { lock (Entries) { DateTime now = DateTime.Now; foreach(BruteforceEntry be in Entries.Values.ToList()) { if (be.AddedTimeRemove <= now) Entries.Remove(be.IPAddress); else if (be.Unbantime <= now && be.Unbantime.Day == DateTime.Now.Day) Entries.Remove(be.IPAddress); } } Thread.Sleep(1500); } } /// <param name="value">Amount of false logins somebody can have before getting banned.</param> public static void Start(byte value = (byte) 11) { MaxTrials = value; new Thread(ThreadStart).Start(); } public static void AddTry(string IPAddress) { lock (Entries) { BruteforceEntry be; if (!Entries.TryGetValue(IPAddress, out be)) { be = new BruteforceEntry { IPAddress = IPAddress, AddedTimeRemove = DateTime.Now.AddMinutes(5), Unbantime = new DateTime() }; Entries.Add(IPAddress, be); } else { be.TimesTried++; if (be.TimesTried >= MaxTrials) be.Unbantime = DateTime.Now.AddMinutes(15); } } } public static bool IsBanned(string IPAddress) { bool isBanned = false; BruteforceEntry be; if (Entries.TryGetValue(IPAddress, out be)) isBanned = (be.Unbantime.Day == DateTime.Now.Day); return isBanned; } } }
- Do press thanks if you like this to show your appreciation, it might just be the reason I will release more.
- Do ask questions in this thread if there are problems.
- You are allowed to modify this.
~Bas.