V-001 - SSH Brute Force Simulation
Related Risk
Target Controls
Objective
Validate that administrative access controls detect and mitigate repeated unauthorized login attempts.
Description
Simulate multiple failed SSH login attempts to reproduce brute-force behavior.
Execution Method
- attempt SSH connections using invalid credentials
- repeat attempts multiple times from the same source IP
Expected Outcome
- failed login attempts are logged
- CrowdSec detects abnormal behavior
- source IP is blocked or banned
Observed Outcome
(To be filled)
Detection Result
(To be filled)
Conclusion
(To be filled)
Evidence
- SSH logs
- CrowdSec alerts / decisions
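To fill in the observed outcome from the SSH logs, the following added example (not part of the original test case) counts failed password attempts per source IP and flags sources that exceed a burst threshold. The log lines are constructed samples in OpenSSH syslog format; the threshold, window and year are assumptions for illustration, not CrowdSec's scenario values.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines (documentation-range IPs), not real log data.
SAMPLE_LOG = """\
Mar 10 10:00:01 host sshd[1201]: Failed password for invalid user admin from 203.0.113.7 port 50122 ssh2
Mar 10 10:00:03 host sshd[1203]: Failed password for invalid user admin from 203.0.113.7 port 50124 ssh2
Mar 10 10:00:05 host sshd[1205]: Failed password for root from 203.0.113.7 port 50126 ssh2
Mar 10 10:00:07 host sshd[1207]: Failed password for root from 203.0.113.7 port 50128 ssh2
Mar 10 10:00:09 host sshd[1209]: Failed password for invalid user test from 203.0.113.7 port 50130 ssh2
Mar 10 10:00:11 host sshd[1211]: Failed password for invalid user test from 203.0.113.7 port 50132 ssh2
Mar 10 10:05:40 host sshd[1300]: Failed password for alice from 198.51.100.23 port 41000 ssh2
Mar 10 10:05:52 host sshd[1302]: Accepted password for alice from 192.0.2.10 port 41002 ssh2
"""

# Matches sshd "Failed password" lines for both existing and invalid users.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?P<ip>\S+) port \d+"
)

def failed_by_source(log_text, year=2024):
    """Return {source_ip: [datetime, ...]} for failed password attempts.
    Syslog timestamps carry no year, so `year` is an assumed value."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            hits[m["ip"]].append(ts)
    return hits

def burst_sources(hits, threshold=5, window=timedelta(seconds=60)):
    """Return {ip: total_failures} for sources with at least `threshold`
    failures inside any sliding `window` (both values are assumptions)."""
    flagged = {}
    for ip, times in hits.items():
        times, start = sorted(times), 0
        for end, t in enumerate(times):
            while t - times[start] > window:
                start += 1  # drop attempts that fell out of the window
            if end - start + 1 >= threshold:
                flagged[ip] = len(times)
                break
    return flagged

if __name__ == "__main__":
    print(burst_sources(failed_by_source(SAMPLE_LOG)))
```

Sources flagged here should also appear in the CrowdSec evidence (for example in the output of `cscli decisions list`); a flagged source with no matching decision is a detection gap to record under Detection Result.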
Notes
- depends on CrowdSec configuration
- no centralized logging yet