[OWASP_PHPSEC] isBruteForce ?

Shivam Dixit shivamd001 at gmail.com
Tue Sep 3 16:14:30 UTC 2013


Hello Rahul,

Sorry if I interpreted the brute force condition wrongly. I will explain
my code to you, and the value of the constants used in it is *not exactly
defined* as I don't have any documentation to decide what is correct and
what is wrong; Abbas will guide us on this. However, consider this first:

Consider a scenario in which an attacker uses a bot which is set such that it
will try to brute force at the *0th second, then 1st second, 2nd second, 3rd
second* and then *wait for 5 seconds* and again start from 0th second, 1st,
2nd ... and so on. Essentially the bot will make *4 attempts and then
halt for 5 seconds*, and so on and so forth. Will your brute force filter
be able to detect such kind of attack?


On Tue, Sep 3, 2013 at 9:21 PM, rahul chaudhary <
rahul300chaudhary400 at gmail.com> wrote:

> Hello,
>
> The function definition and the comments, both are correct.
>
> It is written that the failed login attempt will be CONSIDERED for an
> attack, not declared that it IS AN ATTACK. Once marked, another value is
> checked, i.e. the total login attempts. After checking both the values, we
> can make the correct decision.
>
> Note: My method reduces false positives.
>
>

*Cheers,*
*Shivam*
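The burst-then-pause pattern described in the message above, as an added example that is not part of this thread or of the OWASP PHPSEC code: two simplified detectors, a hypothetical consecutive-failure counter that resets whenever the gap between failures exceeds `max_gap`, and a sliding-window counter over the last `window` seconds, are run against a constructed timeline of 4 failed attempts one second apart followed by a 5-second pause. The thresholds, gap and window lengths are assumptions chosen for illustration, not the project's constants.

```python
from collections import deque
from dataclasses import dataclass, field
from typing import List, Optional


def bot_timeline(bursts: int, burst_size: int = 4, pause: float = 5.0) -> List[float]:
    """Constructed attack timeline: `burst_size` failures one second apart,
    then `pause` seconds of silence, repeated `bursts` times."""
    times: List[float] = []
    t = 0.0
    for _ in range(bursts):
        times.extend(t + i for i in range(burst_size))
        t += (burst_size - 1) + pause  # next burst starts after the pause
    return times


@dataclass
class ConsecutiveFailureDetector:
    """Hypothetical naive approach (assumption, not the project's logic):
    count a failure as part of the same run only if it arrives within
    `max_gap` seconds of the previous one; flag at `threshold` in a row.
    A bot that pauses longer than `max_gap` resets the counter every burst."""
    threshold: int = 5
    max_gap: float = 2.0
    _last: Optional[float] = None
    _count: int = 0

    def record_failure(self, t: float) -> bool:
        if self._last is not None and t - self._last <= self.max_gap:
            self._count += 1
        else:
            self._count = 1
        self._last = t
        return self._count >= self.threshold


@dataclass
class SlidingWindowDetector:
    """Count all failures in the trailing `window` seconds regardless of
    spacing; flag once `threshold` of them fall inside the window."""
    threshold: int = 10
    window: float = 30.0
    _events: deque = field(default_factory=deque)

    def record_failure(self, t: float) -> bool:
        self._events.append(t)
        # Drop timestamps that have aged out of the window.
        while self._events and self._events[0] <= t - self.window:
            self._events.popleft()
        return len(self._events) >= self.threshold


def first_detection(detector, timeline: List[float]) -> Optional[float]:
    """Return the timestamp at which the detector first flags, or None."""
    for t in timeline:
        if detector.record_failure(t):
            return t
    return None


if __name__ == "__main__":
    attack = bot_timeline(bursts=3)          # 0..3, 8..11, 16..19
    legit = [0.0, 40.0, 90.0]                # constructed: a user mistyping a few times
    print("attack timeline:", attack)
    print("consecutive detector flags attack at:", first_detection(ConsecutiveFailureDetector(), attack))
    print("sliding-window detector flags attack at:", first_detection(SlidingWindowDetector(), attack))
    print("sliding-window detector flags legit user at:", first_detection(SlidingWindowDetector(), legit))
```

With these constants the consecutive-failure counter never flags the bot (each 5-second pause resets it at 4), while the sliding-window counter flags at the 17th second once ten failures sit inside the trailing 30 seconds, and the slow legitimate user is left alone. Whatever values the project settles on, the point to check is that the window over which failures are counted is longer than any pause an attacker can cheaply insert between bursts.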