https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/228485#M3221 <P>Is there any other option to secure or. block after 5 attempts? 2FW is already in use but customer get brute force everyday.. so I want to stop this. ATM I block everyday new IP address.</P> Mon, 30 Sep 2024 14:25:45 GMT SubZer0 2024-09-30T14:25:45Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/226796#M3218 <P><SPAN>Did anybody add Google Captcha to Mobile Access page? I fond this CheckPoint document: <A href="https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_MobileAccess_AdminGuide/Content/Topics-MABG/Google-reCAPTCHA-Challenge.htm" target="_blank">https://sc1.checkpoint.com/documents/R81.20/WebAdminGuides/EN/CP_R81.20_MobileAccess_AdminGuide/Content/Topics-MABG/Google-reCAPTCHA-Challenge.htm</A> </SPAN></P><P><SPAN>If you used did you have any problems?</SPAN></P> Mon, 16 Sep 2024 13:45:47 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/226796#M3218 SubZer0 2024-09-16T13:45:47Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/226832#M3219 <P>Moved this to the Remote Access space (which is also for Mobile Access Blade)</P> Mon, 16 Sep 2024 16:59:10 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/226832#M3219 PhoneBoy 2024-09-16T16:59:10Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/226869#M3220 <P>There are huge problems with the google captcha.&nbsp;</P><P>Ok, the technical details of this captcha are googles trade secret, so i can only describe an informed guess about what i observe.</P><P>The captcha claims some sort of "behaviour based" response. That seems to be just a misleading name for using all sorts of advertising trackers as input to the captcha process.</P><P>If a user cares for his privacy and uses Ad blockers, cookie managers, Javascript-filters, etc. Google will fight this and punish him. The captcha will never end, Google will deny access to your service.</P><P>On the other hand, if a careless user has a huge footprint on googles tracker databases, the captcha will not even show up and just pass the user.</P><P>So in the end, by using the captcha, you are rewarding carelessness, and punishing responsible behaviour.</P><P>This is not a "I am not a robot" thing, this is a "track me now" thing.</P><P>&nbsp;</P> Tue, 17 Sep 2024 05:12:27 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/226869#M3220 Matthias42 2024-09-17T05:12:27Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/228485#M3221 <P>Is there any other option to secure or. block after 5 attempts? 2FW is already in use but customer get brute force everyday.. so I want to stop this. ATM I block everyday new IP address.</P> Mon, 30 Sep 2024 14:25:45 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/228485#M3221 SubZer0 2024-09-30T14:25:45Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/228493#M3222 <P>I implement this in the radius server. Depending on environment, i block a user after x attempts, and unblock after y hours later. Or "tarpit" function, that is make every successive failed attempts excessively slower.</P><P>You can also use the SRC Ip adress of the request as a criteria, i think for that to work you have to enable the sending of extra radius attributes. Search knowledgebase for "Framed IP Address".&nbsp;</P><P>&nbsp;</P> Mon, 30 Sep 2024 14:51:22 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/228493#M3222 Matthias42 2024-09-30T14:51:22Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/228504#M3223 <P>You can configure a SmartEvent Automatic Reaction for this:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="image.png" style="width: 999px;"><img src="https://community.checkpoint.com/t5/image/serverpage/image-id/27924i2FDED18AB09351B4/image-size/large?v=v2&amp;px=999" role="button" title="image.png" alt="image.png" /></span></P> Mon, 30 Sep 2024 15:25:21 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/228504#M3223 PhoneBoy 2024-09-30T15:25:21Z https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/228768#M3224 <P><SPAN>Thanks for this. What are best practice config? I am thinking to set up after 5 connections in 10 seconds to block. </SPAN></P> Wed, 02 Oct 2024 15:14:03 GMT https://community.checkpoint.com/t5/SASE-and-Remote-Access/Google-reCAPTCHA-on-Mobile-Access/m-p/228768#M3224 SubZer0 2024-10-02T15:14:03Z