Re: Preventing brute force attacks...

From: Peter H. Coffin (no email)
Date: Fri Aug 01 2003 - 19:04:36 EDT

Next message: Wietse Venema: "Re: Postmap"
Previous message: Wietse Venema: "Re: Postmap"
Maybe in reply to: Rob Hutton: "Preventing brute force attacks..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Fri, Aug 01, 2003 at 06:36:51PM +0200, Tony Earnshaw wrote:
> Rob Hutton wrote:
>
> >Is there any built in mechanism for locking out an account for a specified
> >period in the case of an attempt to brute force the password with
> >SMTP-AUTH?
>
> TARPIT CONTROLS, sample-smtpd.cf. Was one of the first things I had to
> get working :)

Firewalling the offending IP for a week or two tends to get the message
across as well.

-- 
"This place is evil! We need weapons! Crossbows! Rocket Launchers! 
Rent-a-zilla!"
                 -- L33t Master Largo  www.megatokyo.com

Next message: Wietse Venema: "Re: Postmap"
Previous message: Wietse Venema: "Re: Postmap"
Maybe in reply to: Rob Hutton: "Preventing brute force attacks..."
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Invaluement Anti-Spam DNSBLs