Skip to Content

Solved: How do I secure and limit SSL-VPN unknown user login (Brute force attack)?

This article how to process when there is brute force attack on SSL-VPN login attempts with random users/unknown users and how to protect from SSL-VPN brute-force logins.

Attacker is trying to use dynamic IP address and random admin user account to login via SSL-VPN.

Solution

In this situation, process as below:

Step 1: Use strong passwords for all accounts:

This includes password rules like in this example:

  • Passwords must have a minimum length of 12 characters.
  • Passwords must contain numbers.
  • Passwords must contain special characters.
  • Passwords must contain upper ‘-‘ and lowercase letters.
  • Passwords must have an age below 8 weeks.

Step 2: Implement Two-factor authentication for all accounts:

Two-factor authentication prevents an attacker from being able to log in to an account only with a username and password.

With the third factor, the attacker needs access to additional information like the smartphone (in case of push token) or a 6-digit number (in case of mobile or hardware Tokens).

Step 3: Ensure, that admin users have no access to the SSL-VPN portal.

It is recommended to differentiate user accounts that are allowed to access VPN solutions and administrative accounts that are only allowed to access the administrative interfaces.

Step 4: Change the listening Port for the SSL-VPN portal.

Using another port is an easy but effective measurement if an attacker is only probing the default port of an application.

Do not forget to change the port on all VPN clients too. Otherwise, the connection will break.

Step 5: Limit the count of failed login attempts until the user is banned.

Step 6: Restrict the source IP address area.

If users only need access to the SSL-VPN portal from a specific source address or range, it is possible to limit the allowed source addresses to those addresses nd also restrict users based on country or geography addresses.

Alex Lim is a certified IT Technical Support Architect with over 15 years of experience in designing, implementing, and troubleshooting complex IT systems and networks. He has worked for leading IT companies, such as Microsoft, IBM, and Cisco, providing technical support and solutions to clients across various industries and sectors. Alex has a bachelor’s degree in computer science from the National University of Singapore and a master’s degree in information security from the Massachusetts Institute of Technology. He is also the author of several best-selling books on IT technical support, such as The IT Technical Support Handbook and Troubleshooting IT Systems and Networks. Alex lives in Bandar, Johore, Malaysia with his wife and two chilrdren. You can reach him at [email protected] or follow him on Website | Twitter | Facebook

    Ads Blocker Image Powered by Code Help Pro

    Your Support Matters...

    We run an independent site that is committed to delivering valuable content, but it comes with its challenges. Many of our readers use ad blockers, causing our advertising revenue to decline. Unlike some websites, we have not implemented paywalls to restrict access. Your support can make a significant difference. If you find this website useful and choose to support us, it would greatly secure our future. We appreciate your help. If you are currently using an ad blocker, please consider disabling it for our site. Thank you for your understanding and support.