I am currently running Enerprise Premium version 7.58.
I have been seeing an uptick in brute force attacks from the outside attempting to log into valid email addresses on my mailenable server. The only methods in mailenable that I see to combat this are the user lockout (problem with this is the customer is the one that gets punished by having their account locked down) and the abuse detection and prevention.
How many attempts have to be made before the abuse detection and prevention actually kick in and lock out an address as it seems like it isn't doing its job. Also are there any other tools or options I can use to prevent these outside sources from constantly cracking away at a users password till they eventually crack their way in? Is there any way to establish tarpitting in mailenable to deter the attempts by slowing down their ability to keep trying logins over and over?
Andy
brute force attacks
-
- Site Admin
- Posts: 9738
- Joined: Mon Mar 22, 2004 4:44 am
- Location: Melbourne, Victoria, Australia
Re: brute force attacks
Hi,
For abuse detection and prevention values please see: http://www.mailenable.com/kb/content/ar ... D=me020610
Other than the security options available within MailEnable to help prevent Dos Attacks the next step is to stop them from connecting to the MailEnable server via a firewall or spam gateway that is specifically designed to stop Dos attacks.
For abuse detection and prevention values please see: http://www.mailenable.com/kb/content/ar ... D=me020610
Other than the security options available within MailEnable to help prevent Dos Attacks the next step is to stop them from connecting to the MailEnable server via a firewall or spam gateway that is specifically designed to stop Dos attacks.
Regards,
Ian Margarone
MailEnable Support
Ian Margarone
MailEnable Support
Re: brute force attacks
I am in the same situation, I have abuse detection turned on with a threshold of 5 and getting constant attempts to crack passwords, my system messages are littered with abuse detection entries every 10 minutes. I have had 6 passwords cracked this week, I will try enforce more complicated passwords.
Can anyone recommend a firewall or spam gateway that would deal with these kind of attacks?
Can anyone recommend a firewall or spam gateway that would deal with these kind of attacks?
Re: brute force attacks
pfSense firewall with postfix/postscreen forwarder package.
-
- Posts: 6
- Joined: Thu Oct 02, 2014 8:34 pm
Re: brute force attacks
http://www.scrolloutf1.com/
Open Source spam gateway based on Debian and works like a champ. Been using it for a few months now.
Open Source spam gateway based on Debian and works like a champ. Been using it for a few months now.
Re: brute force attacks
Hi,
The attacks can happen anytime and you even don't know about it. Well you may be not aware of Brute force attack and this is also very harmful. When it attacks you may don't know and therefore you should know about it. Well some of the tips are there which can help you to protect you from brute force attack.
See more on: http://www.combatpcviruses.com/brute-fo ... ots-at-bay
The attacks can happen anytime and you even don't know about it. Well you may be not aware of Brute force attack and this is also very harmful. When it attacks you may don't know and therefore you should know about it. Well some of the tips are there which can help you to protect you from brute force attack.
See more on: http://www.combatpcviruses.com/brute-fo ... ots-at-bay