BRUTEFORCE RECORD ANALYSIS​

Malicious bots often use dictionaries of common names and phrases to find the correct username and password combination to hack an account. They systematically check as many possible login credentials as possible until they succeed. This type of attack is not very elegant and relies on doing many trial and error attempts to log in, which is why it is called a brute force attack. The most common targets for brute force attacks are email accounts and administrators of WordPress / Joomla / Drupal and access to FTP and SSH. These malicious bots usually use many different IP addresses to carry out their attacks.

Issues

FTP, SSH, CMS, and email accounts hacked

Too many failed login attempts

User complaints about closed accounts

The power of Analysis of log in Hayat Host

After you install its Life Host software, the Log Analysis module automatically recognizes the most common log files on your server and begins analyzing them in an efficient and easy-to-use manner.

This module will instantly block brute force attacks as well as many other types of attacks including SQL injection, directory traversal, spam attempts, WordPress user enumeration attack, reverse DDoS via xmlrpc.php, and more.

Host Life‘s log analysis does not require configuration and runs silently in the background, monitoring malicious IP addresses. When this module detects a malicious IP address, it is automatically graylisted by our reputable IP module in real time. We constantly update our IP rules and constantly monitor log files, ensuring you always have the latest protection on your server.

How do we differ from other log analysis solutions?

image-17

Frequent base updates

New log files and rule types are constantly added to our log analysis module for automatic detection.

image-47

false positive price

All crashes caused by newly added rules in Test mode will be applied first. Then, we carefully analyze it to make sure the false positive rate is low.

image-48

Friendship Resource

We use the most powerful techniques (Auditd and Aho-Corasick algorithm) to check log file changes and match patterns.

هجمات DoS

without settings

Host life log analysis starts automatically without any configuration required. Of course, you can configure the moderators and record the tracks as you like.

common questions

Host Life will automatically monitor the most common log files, such as Apache/Nginx access, error logs, system-wide logs, exim4 logs, post-repair logs, and more. If you wish, you can define custom log paths in the module config as well.

This module protects your sites and accounts (WordPress, Joomla, Magento, cPanel, etc.) on your servers (FTP, MySQL, Postfix, OpenSSH, etc.) against a wide range of attacks:

brute force
SQL injection
guide pass
Reflective DDoS Attacks
Autoshell Download Attempts
spam
code injection
WordPress User Count Attacks
XML-RPC attacks

Log file changes are monitored by system calls made by our Auditd feature, so log files don’t have to be open all the time. We also use the most efficient Aho-Corasick algorithm for pattern matching.

Unlike other solutions, we do not permanently blacklist every IP address. Instead, after blocking the IP, we add the IP to the Hyyat graylist.

If the attacks continue, the IP address will be blacklisted. On the other hand, if it is a real login attempt, the IP address can be removed from the gray list. IP addresses can be removed from our gray list in three different ways:

Successfully completes Hyyat Browser Integrity Check or CAPTCHA.

You manually remove the IP address from the gray list through your Host Life dashboard.

It gets automatically deleted if we haven’t seen any crashes from the IP for a while.

All rights reserved to Hayat Host 2022

blank