Stop Bruteforce

nneeoo edited this page Aug 30, 2022 · 4 revisions

The script checks the logs and blocks IP addresses depending on the specified parameters. The Protect-FromBruteforce cmdlet returns the instances of IPAddress that match the search parameters.

Stop-Bruteforce
[-Attempts <int>]
[-Last <float>]
[-Expire]
[-WhatIf]

Description

List of parameters for Stop-Bruteforce:

Attempts selects IP addresses by the number of failed login attempts specified in the parameter.

Last specifies the time period in hours for which the log should be fetched.

Expire removes all previously entered IP addresses from the "Stop-Bruteforce" firewall rule.

WhatIf shows the result of execution without creating or changing firewall rules.
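
How -Attempts and -Last combine to pick addresses can be seen in the sketch below. It is an example added here, not code from the Stop-Bruteforce project. The function name Select-BruteforceSource, the record shape (TimeCreated, IPAddress), the "at least N failures" comparison and the sample records are all assumptions made for illustration.

```powershell
# Added illustration, not the Stop-Bruteforce source.
# Select-BruteforceSource is a hypothetical helper name.
function Select-BruteforceSource {
    [CmdletBinding()]
    param(
        # Failed-logon records; assumed to carry TimeCreated and IPAddress
        [Parameter(Mandatory)] [object[]] $Record,
        [int]      $Attempts = 10,          # failure threshold
        [double]   $Last     = 1,           # look-back window in hours
        [datetime] $Now      = (Get-Date)   # injectable for repeatable runs
    )
    $cutoff = $Now.AddHours(-$Last)
    $Record |
        # Drop records outside the window and records with no source address
        Where-Object { $_.TimeCreated -ge $cutoff -and $_.IPAddress } |
        Group-Object -Property IPAddress |
        # Assumption: an address qualifies once it reaches the threshold
        Where-Object { $_.Count -ge $Attempts } |
        ForEach-Object {
            [pscustomobject]@{ IPAddress = $_.Name; Attempts = $_.Count }
        }
}

# Constructed sample data (documentation address ranges, fixed clock)
$now = Get-Date '2022-08-30T12:00:00'
$sample = @(
    # 12 failures in the last 48 minutes: above threshold, inside window
    1..12 | ForEach-Object {
        [pscustomobject]@{ TimeCreated = $now.AddMinutes(-$_ * 4); IPAddress = '203.0.113.7' }
    }
    # 3 failures in the last hour: inside window, below threshold
    1..3 | ForEach-Object {
        [pscustomobject]@{ TimeCreated = $now.AddMinutes(-$_ * 10); IPAddress = '198.51.100.20' }
    }
    # 15 failures about three hours ago: above threshold, outside window
    1..15 | ForEach-Object {
        [pscustomobject]@{ TimeCreated = $now.AddHours(-3).AddMinutes(-$_); IPAddress = '192.0.2.44' }
    }
)

# Only 203.0.113.7 is selected with a 1-hour window and a threshold of 10
Select-BruteforceSource -Record $sample -Attempts 10 -Last 1 -Now $now
```

Widening -Last to 4 in this sketch also selects 192.0.2.44, which shows how the window size changes what gets blocked.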

Examples

Example 1: Blocking attackers

The script blocks all IP addresses that have made a mistake in entering a username or password 10 times in the last hour.

Stop-Bruteforce -Attempts 10 -Last 1

Example 2: Blocking attackers with clearing firewall rules

The script blocks all IP addresses that have made a mistake in entering a username or password 10 times in the last hour and clears the list of previously blocked IP addresses.

Stop-Bruteforce -Attempts 10 -Last 1 -Expire