I'm making a program where the user logs into the server with a username and password only the server knows. They have 4 tries to get the correct username and password. If they do not enter the correct login information in 4 tries, the server will close the connection to the client.
The next part of the program, which I need help with, is permanently banning the user from connecting for further attempts. When the user is logging in for the first time and gets all 4 attempts wrong, their IP address is written to a file called "userIP.txt".
What I tried to do was read the file and if it matches the user's IP address, they will be banned from the program. It doesn't work - when they come back to the program it lets them log in again.
I know this may not be the best way to ban a user from the server, but my assignment requires me to ban their IP address.
Actually, banning by IP address is sort of a last-resort solution. IP addresses are not reliable indicators of identity. For example, for years, every computer on the mousetech.com LAN looked to the Internet like it had the IP address of 192.168.14.19, because they were all behind a NAT firewall.
More commonly, one locks out login IDs, and there you have a choice - reject further login attempts for a fixed period or lock the account until it's manually reset. Linux also puts a delay into the login process so that the amount of time it takes to crack using a brute-force (dictionary-style) approach becomes prohibitively long.
I have many apps on my machines, so one of my first lines of defense is a process called "fail2ban". This utility monitors messages going to the system logfiles such as attempts to access forbidden ports or make "cracker" HTTP URL requests. When fail2ban sees a pattern of abuse, it adds the source IP harvested from the log message to a blacklist used by the firewall. So if someone attempts a port-scan, I slam the door on them. And, alas, on any given day there are literally thousands of ill-intentioned requests aimed at each of my public servers.
When it comes to destroying a civilization, gas chambers cannot hold a candle to echo chambers.
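The scheme discussed in this thread, as an added example that is not part of the original posts: a Python sketch that checks the ban file (`userIP.txt`, from the question) at connection time, before any credentials are requested, and also applies a fixed-period lockout to the login ID. The class name `LoginGuard`, the 300-second lockout and the sample address `203.0.113.7` are assumptions.

```python
import os
import tempfile
import time

MAX_TRIES = 4        # attempts allowed, as in the question
LOCK_SECONDS = 300   # assumed fixed lockout period for a login ID

class LoginGuard:
    def __init__(self, ban_path, clock=time.monotonic):
        self.ban_path = ban_path
        self.clock = clock
        self.ip_failures, self.user_failures = {}, {}
        self.locked_until = {}   # login ID -> time the lock expires

    def banned_ips(self):
        # Re-read the file on each check so bans survive a restart; strip line
        # endings so "203.0.113.7\n" on disk matches the socket's address.
        try:
            with open(self.ban_path, encoding="ascii") as fh:
                return {line.strip() for line in fh if line.strip()}
        except FileNotFoundError:
            return set()

    def allow_connection(self, ip):
        # Call right after accept(), before prompting for credentials.
        return ip not in self.banned_ips()

    def account_locked(self, user):
        return self.clock() < self.locked_until.get(user, 0.0)

    def record_failure(self, ip, user):
        """Count one failed login; return True if this IP is now banned."""
        self.ip_failures[ip] = self.ip_failures.get(ip, 0) + 1
        self.user_failures[user] = self.user_failures.get(user, 0) + 1
        if self.user_failures[user] >= MAX_TRIES:
            self.locked_until[user] = self.clock() + LOCK_SECONDS
            self.user_failures[user] = 0
        if self.ip_failures[ip] < MAX_TRIES:
            return False
        with open(self.ban_path, "a", encoding="ascii") as fh:
            fh.write(ip + "\n")
        return True

def demo():
    # Constructed sample: documentation-range address, temporary ban file.
    path = os.path.join(tempfile.mkdtemp(), "userIP.txt")
    guard = LoginGuard(path)
    results = [guard.record_failure("203.0.113.7", "admin") for _ in range(MAX_TRIES)]
    restarted = LoginGuard(path)   # simulates a server restart
    return results, restarted.allow_connection("203.0.113.7"), guard.account_locked("admin")
```

Because of NAT, as noted in the reply, one banned address can cover many users, which is why the login-ID lockout is tracked separately from the IP ban.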