How to temporary Block client who are Guessing a voucher code?
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.How to temporary Block client who are Guessing a voucher code?
This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
How to temporary Block client for 1hr who are Guessing a voucher code? after failed 3 attempt for example?
- Copy Link
- Subscribe
- Bookmark
- Report Inappropriate Content
Please refer to the attached photo, when you click "block", the clients will not connect to the SSID.
- Copy Link
- Report Inappropriate Content
TS probably means auto-block feature. If you have pretty big network, you cannot manually block every user, who is trying to hack your network. Something like if the user cannot authenticate via 5 attempts, it will block him for 30 minutes.
- Copy Link
- Report Inappropriate Content
Hi Mitya,
Thank you for your explaination about this. Omada Controller doesn't have this feature.
As you said, someone may try to guess the voucher code. But we needn't worry about this. Each voucher code is at least 6 digits. The probability that we can guess this code correctly is very, very small.
- Copy Link
- Report Inappropriate Content
Still no defense from brute force attack.
You can't brute force WPA/WPA2 (you need decades), while after you already connected to the network, you can brute force voucher. Don't you think, that controller can be also attacked by many attempts?
- Copy Link
- Report Inappropriate Content
Mitya, as an update: you can indeed brute-force WPA2 in just minutes using hashcat, that's why WPA3 has been developed. Nevertheless, any server/portal authentication method should have a limit to mitigate against brute-force attacks.
forrest, see for example the firmware of TL-WDR4300: it has a maximum limit for authentication in its web UI. When more than 10 login attempts have failed, the web UI will block further attempts to log in for next 2 hours. Such a limit would be a good feature for any portal-related auth mechanism, not only vouchers, but user passwords, too. At least the portal software should refuse further login attempts for some seconds if the previous login failed.
- Copy Link
- Report Inappropriate Content
Yes please consider this security feature on next controller update, some strangers on my network that keep on guessing voucher codes everyday and it really bothers me. At least temporary block them for a certain period of time if a no. of failed login attempts commited.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
From the log we can know that the client was trying to guess the voucher code. He tried many times but failed. As I said, the possibility that he gets it is very, very small. So we don't have to worry about it.
Thank you for your feedback. We will add this to our suggestion list.
- Copy Link
- Report Inappropriate Content
Just my 2cents as I've encountered this too, as forrest says, its very very small but its also very annoying to look at your logs and see 2 pages of 100 lists worth of failed authentications. From my experience some customers already entered the correct voucher but by some instance they are still in the enter voucher page and keep on entering the voucher code and it replied voucher expired without checking if they are already connected to the network/internet. Some are just very annoyingly keep on pressing the login for any bug/exploit/restart the server oC200 (for a no authentication bug (solve) in the old firmware of EAP). So as R1D2 said, its better to have a delay or number of attempts per login then delay then auto block for x numbers of mins/hrs.
- Copy Link
- Report Inappropriate Content
- Copy Link
- Report Inappropriate Content
Information
Helpful: 1
Views: 3770
Replies: 11
Voters 0
No one has voted for it yet.