One of our customers is using Advanced ETL Processor to stop brute force attacks on their Windows SFTP server
Here is how it works:
- Every time malicious users tries to connect to the server, the IP address is written into the windows event log.
- Advanced ETL processor scans event log and saves a list of IP addresses into the text file.
- Advanced ETL processor executes PowerShell script and blocks the IP address in Windows Firewall.
To view the example follow the steps below
- Download and install Advanced ETL Processor [Link]
- Download and Unzip example[Link]
- Create a new directory and call it Scripts
- Create a new transformation and open .ats file
- Double click on the Reader object and select computer name
- Double click on the Writer object and set the connection name to "Script"
- Save transformation
- Create a new package and open .wfp file
Double click on transformation and select 0013 Extract IP Addresses
- Run the package by pressing the green arrow.
Please contact us if you need help with transforming the data
|Visit ETL Tools Forum|