
Thread: Avoiding Brutal Force Attacks

  1. #1
    Join Date
    May 2007
    Location
    Brazil
    Posts
    19
    Rep Power
    8

    Avoiding Brutal Force Attacks

    Hello everybody!

    I tried a brutal force attack on my own server. I was outside the private network. I got a very good attack rate though. The average was 22 tries/sec. I also tried the same attack on several different servers, i.e. Hotmail and other free ones. All of them blocked my IP address after trying a few times. It seems to be the best kind of protection, although I don't know where this protection is made.

    Another server I tried the attack on offered a low rate of attacks per second (less than 2/sec). It complicates the attack but it is still possible.

    I know that a good password policy is a huge issue to be considered, but it's hard to get the users to understand it. When they have a strong password, they write it down and leave the note beside their computer. :S

    Yet, Zimbra offers the option of blocking the account after X failed logins for Y time. If this issue is enabled, someone can keep blocking some account on purpose (terrorism).


    What would be the best way to prevent this kind of attack? How do the free servers block the IP address?


    Thanks in advance.

    Tilinho

  2. #2
    Join Date
    Oct 2005
    Location
    Thatcher, AZ
    Posts
    5,606
    Rep Power
    21


    All account logins are logged to /opt/zimbra/log/audit.log
    We log IP as well.
    You can use that to block an IP or IP range at your firewall.
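
An added example, not part of the thread or of Zimbra itself: a per-IP failure counter over audit.log lines, which yields firewall block candidates without locking any account. The log line shape, the thresholds and the sample lines are assumptions constructed for illustration; check the regex against your own /opt/zimbra/log/audit.log.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed line shape: "<date> <time>,<ms> WARN [thread] [ip=<addr>;] security -
# cmd=Auth; account=...; protocol=...; error=authentication failed for ...;"
LINE_RE = re.compile(
    r"^(?P<ts>\d{4}-\d{2}-\d{2} \d{2}:\d{2}:\d{2}),\d+ .*?"
    r"\[(?:[^\]]*?;)?ip=(?P<ip>[0-9a-fA-F.:]+);[^\]]*\] security - cmd=Auth;"
    r".*error=authentication failed"
)

def noisy_ips(lines, max_failures=5, window=timedelta(seconds=60)):
    """Return {ip: peak failures} for IPs exceeding max_failures inside window."""
    recent = defaultdict(deque)   # ip -> timestamps of failures still in window
    flagged = {}
    for line in lines:
        m = LINE_RE.search(line)
        if not m:                 # successful logins and unrelated lines
            continue
        ts = datetime.strptime(m["ts"], "%Y-%m-%d %H:%M:%S")
        q = recent[m["ip"]]
        q.append(ts)
        while ts - q[0] > window: # drop failures older than the window
            q.popleft()
        if len(q) > max_failures:
            flagged[m["ip"]] = max(flagged.get(m["ip"], 0), len(q))
    return flagged

# Constructed sample lines (documentation IP ranges, made-up accounts).
FAIL = ("2007-05-30 {t},101 WARN  [ImapServer-3] [ip={ip};] security - "
        "cmd=Auth; account={acct}; protocol=imap; "
        "error=authentication failed for {acct}, invalid password;")
SAMPLE = [FAIL.format(t=f"10:00:{s:02d}", ip="203.0.113.7",
                      acct=f"user{s}@example.com") for s in range(8)]
SAMPLE += [
    # Same user mistyping twice, five minutes apart: must not be flagged.
    FAIL.format(t="10:01:00", ip="198.51.100.20", acct="bob@example.com"),
    FAIL.format(t="10:06:00", ip="198.51.100.20", acct="bob@example.com"),
    # Successful login: no error= field, so it is ignored.
    "2007-05-30 10:06:05,000 INFO  [ImapServer-4] [ip=192.0.2.5;] security - "
    "cmd=Auth; account=carol@example.com; protocol=imap;",
]

if __name__ == "__main__":
    for ip, peak in noisy_ips(SAMPLE).items():
        print(f"{ip}: {peak} failed logins within 60s, candidate for firewall block")
```
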
