Criteria for Blocking Devices in senhasegura

senhasegura has an embedded Host-based Intrusion Detection System (HIDS) using Wazuh, which prevents unauthorized access attempts to the system.

  1. Blocking Criteria:
  • SSH Authentication Failures:
    • The system monitors SSH connection attempts.
    • After three consecutive failed authentication attempts, the source IP will be automatically blocked.

This mechanism is essential to protect the senhasegura environment against potential brute force attacks and unauthorized accesses.

  1. Documentation and References:

For more information on configuring and managing the HIDS in senhasegura, refer to the following links:

  1. How to manage the server

  2. Host-based Intrusion Detection System (Wikipedia)