BFD (Brute Force Detection) is a free software tool to help you prevent brute force attacks on your dedicated server.  A brute force attack is most commonly used to gain root access to the server by using password-guessing technology.  BFD will detect multiple login attempts and prevent the attackers from escalating into a brute force attack.

Before you can install BFD, you need to have APF Firewall installed on your server.  BFD works in conjunction with APF to offer you a comprehensive security solution.  To install BFD, follow these simple steps:

1. Login to your server via SSH and become root.
2. Create a temporary directory to store the downloaded files.

mkdir /root/myfiles
cd /root/myfiles

3. Download BFD from rfxnetworks:

wget http://www.rfxnetworks.com/downloads/bfd-current.tar.gz

4. Upack the compressed archive and then change to the new directory:

tar -xvzf bfd-current.tar.gz
cd bfd-1.4

5. Execute the install file:

./install.sh

It should come up with a message such as this:

.: BFD installed
Install path: /usr/local/bfd
Config path: /usr/local/bfd/conf.bfd
Executable path: /usr/local/sbin/bfd

Be sure to read the documentation for information about configuring the software and using APF’s firewall rules in conjunction with it.  Once you have configured it to your liking, you can run the program with:

/usr/local/sbin/bfd -s

BFD is a free and open source modular shell script created by R-fx Networks.  In addition to APF and BFD, R-fx Networks provides a number of other free and open source security solutions for
dedicated servers, including LES (Linux Environment Security) and LMD (Linux Malware Detect).

By: Tavis J. Hampton