NoMachine Support

Your questions answered

Knowledge Base

ID: AR09R01096
Applies to: NoMachine Software
Added on: 2020-09-11
Last update: 2020-09-11
How to protect NoMachine connections against massive brute force attacks and DDoS

One way to protect your business or service from massive DoS (Denial of Service) or DDoS (Distributed Denial of Service) attacks is to limit the number of concurrent connections that can be accepted in a given interval of time.

NoMachine client connections by NX protocol

To mitigate DoS attacks on NoMachine connections by NX protocol, it's possible to activate the following keys in the server configuration file (available since NoMachine v. 6.11.2):

1) Specify the maximum number of concurrent connections that nxd, the NoMachine service in charge of accepting connections by NX protocol, should accept:

NXdConnectionsLimit ""

2) Specify the maximum number of connections that nxd should accept in a given interval of time:

NXdConnectionsIntervalLimit ""

3) Specify in seconds the given interval of time:

NXdConnectionsInterval ""

A practical example:

NXdConnectionsLimit "8"
NXdConnectionsIntervalLimit "4"
NXdConnectionsInterval "1"

NoMachine will accept up to 8 concurrent connections by NX protocol and only up to four connections per second.
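
As an added example (not NoMachine code), the following Python script checks whether the three keys above are active in the text of a configuration file. It assumes the Key "value" line format shown above and that a leading '#' marks a commented-out key; the sample text is constructed.

```python
import re

# The three keys named in the article; nothing else is inspected.
KEYS = ("NXdConnectionsLimit", "NXdConnectionsIntervalLimit",
        "NXdConnectionsInterval")
# Key "value" as shown in the article. Assumption: a leading '#' marks a
# key that is present but commented out (inactive).
LINE = re.compile(r'^\s*(#?)\s*(\w+)\s+"([^"]*)"\s*$')

# Constructed sample text, not a real server configuration file.
SAMPLE_CFG = '''
NXdConnectionsLimit "8"
#NXdConnectionsIntervalLimit "4"
NXdConnectionsInterval ""
'''

def audit(cfg_text):
    """Return {key: (status, value)}; status is 'ok', 'missing',
    'commented', 'empty' or 'invalid'."""
    result = {k: ("missing", None) for k in KEYS}
    for line in cfg_text.splitlines():
        m = LINE.match(line)
        if not m or m.group(2) not in KEYS:
            continue
        commented, key, value = m.groups()
        if commented:
            # A commented line never overrides an active one.
            if result[key][0] == "missing":
                result[key] = ("commented", value)
        elif value == "":
            result[key] = ("empty", value)
        elif value.isascii() and value.isdigit():
            result[key] = ("ok", int(value))
        else:
            result[key] = ("invalid", value)
    return result

def summarize(result):
    """Describe the active limits, or list the keys that still need a value."""
    problems = [f"{k}: {s}" for k, (s, _) in result.items() if s != "ok"]
    if problems:
        return problems
    limit, per, secs = (result[k][1] for k in KEYS)
    return [f"up to {limit} concurrent connections, {per} new per {secs}s"]

if __name__ == "__main__":
    for line in summarize(audit(SAMPLE_CFG)):
        print(line)
```

With the sample text, the script reports that NXdConnectionsIntervalLimit is commented out and NXdConnectionsInterval is empty, so only the concurrent-connection limit is set.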

 

On Linux and macOS, as an alternative, it's possible to adopt third-party software such as Fail2ban (https://www.fail2ban.org/) to prevent brute force attacks. You may find an example here: https://www.nomachine.com/AR05P00983


NoMachine client connections by SSH protocol

In this case we recommend using, on Linux and macOS, a third-party program designed to mitigate (D)DoS attacks, such as Fail2ban.
 


NoMachine connections by the web

Since v. 6.10.2, the NoMachine built-in Apache web server, nxhtd, includes the mod_evasive module (https://github.com/jzdziarski/mod_evasiv).

One way to protect your business or service from massive DoS or DDoS (Distributed Denial of Service) attacks is to limit the number of concurrent connections that can be accepted in a given interval of time.