Is your feature request related to a problem? Please describe.
Right now everyone can connect to the server repeatedly as often as he wants to to try bruteforcing the public key which is needed to authenticate to the server. Besides that, denial-of-service attacks are prossible. That is due to the fact that rustdesk does not log (failed) authentication attempts (with source ip addresses) anywhere which would make it possible to use tools like fail2ban or crowdsec to ban repeated offenders.
Describe the solution you'd like
I'd like rustdesk-server to add an option to enable auth logging which would log (failed) authentication attempts to a logfile which could be used by above mentioned daemons to ban ip adresses which repeatedly fail to authenticate against the server.
Describe alternatives you've considered
I did enable debug logs by adding Environment="RUST_LOG=debug" to the systemd unit which is starting rustdesk-server according to the FAQ but since that logs all connections and doesnt differentiate between successful/failed authentications using fail2ban on it creates the risk of banning legitimate users. That risk gets even greater when considering the fact that a successfully established remote control session logs 8 lines containing the source ip address while an illegitimate connection (trying to connect with a wrong key specified in the Client settings under "network" -> "ID/Relay server" -> "Key") only logs 2 lines.
Is your feature request related to a problem? Please describe. Right now everyone can connect to the server repeatedly as often as he wants to to try bruteforcing the public key which is needed to authenticate to the server. Besides that, denial-of-service attacks are prossible. That is due to the fact that rustdesk does not log (failed) authentication attempts (with source ip addresses) anywhere which would make it possible to use tools like fail2ban or crowdsec to ban repeated offenders.
Describe the solution you'd like I'd like rustdesk-server to add an option to enable auth logging which would log (failed) authentication attempts to a logfile which could be used by above mentioned daemons to ban ip adresses which repeatedly fail to authenticate against the server.
Describe alternatives you've considered I did enable debug logs by adding
Environment="RUST_LOG=debug"to the systemd unit which is starting rustdesk-server according to the FAQ but since that logs all connections and doesnt differentiate between successful/failed authentications using fail2ban on it creates the risk of banning legitimate users. That risk gets even greater when considering the fact that a successfully established remote control session logs 8 lines containing the source ip address while an illegitimate connection (trying to connect with a wrong key specified in the Client settings under "network" -> "ID/Relay server" -> "Key") only logs 2 lines.