Yes, you´re right, i am looking for fail2ban right now, but the captcha would be perfect, the first login user password and captcha, than the TOTP.
Thanks Nick. Em qui., 19 de mar. de 2020 às 15:29, Nick Couchman <[email protected]> escreveu: > On Thu, Mar 19, 2020 at 12:12 PM Guilherme Carvalho <[email protected]> > wrote: > >> Hello guys, i have a doubt, is it possible to setup a Captcha on the >> first login page?? >> > > I have no doubt this would be possible. There's no out-of-the-box way to > do it, today, but I would think an extension could be written to allow it > to function very similarly to TOTP or RADIUS with MFA. > > >> I´m using LDAP + TOTP, but the problems is, if somebody tried to connect >> many times with an user on the guacamole, this account got blocked on the >> AD, so many services will stop and i couldn´t connect. >> >> > I think Mike has suggested previously elsewhere that fail2ban might be a > good option for preventing these sorts of attacks as it will block access > to the server from that IP. Obviously if someone is intent on attacking > they will do so from multiple IPs, so it won't be perfect, but nothing is. > > -Nick > >>
