Korbinian, I'm sorry if I wasn't clear: I didn't plan on blocking anymore permanently, just add "one second delays" if some IP was flooding me to render brute force attacks useless and impractical.
Could you please explain "cachapta" / provide a link to an article? Regards, Johannes Korbinian Bachl wrote: >Bad idea - some ISPs and proxys would be locked out... cachapta would be >solution of choice here. > >Regards > >Korbinian > > > > > >>-----Ursprüngliche Nachricht----- >>Von: [EMAIL PROTECTED] >>[mailto:[EMAIL PROTECTED] Im Auftrag >>von Johannes Fahrenkrug >>Gesendet: Montag, 6. November 2006 14:01 >>An: wicket-user@lists.sourceforge.net >>Betreff: [Wicket-user] Prevent Brute Force and the like >> >>Hi! >> >>I'd like to prevent brute force attacks on the login page of >>my wicket application. What would be the best approach? This >>is what I'm thinking about doing: Record when the last >>request for the loginpage from a certain IP came in and only >>handle the request when at least a second or two have passed. >>This would have to be done application wide because when an >>attacker uses a tool like cURL a new session is created with >>each request. >> >>So what would you guys suggest? >> >>- Johannes >> >>-------------------------------------------------------------- >>----------- >>Using Tomcat but need to do more? Need to support web >>services, security? >>Get stuff done quickly with pre-integrated technology to make >>your job easier Download IBM WebSphere Application Server >>v.1.0.1 based on Apache Geronimo >>http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&; >> >> >dat=121642 > > >>_______________________________________________ >>Wicket-user mailing list >>Wicket-user@lists.sourceforge.net >>https://lists.sourceforge.net/lists/listinfo/wicket-user >> >> >> > > >------------------------------------------------------------------------- >Using Tomcat but need to do more? Need to support web services, security? >Get stuff done quickly with pre-integrated technology to make your job easier >Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo >http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 >_______________________________________________ >Wicket-user mailing list >Wicket-user@lists.sourceforge.net >https://lists.sourceforge.net/lists/listinfo/wicket-user > > > ------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642 _______________________________________________ Wicket-user mailing list Wicket-user@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/wicket-user
