brute force attacks

Discussion forum for Enterprise Edition.
Post Reply
avogt
Posts: 1
Joined: Fri Oct 31, 2014 6:55 pm

brute force attacks

Post by avogt »

I am currently running Enerprise Premium version 7.58.

I have been seeing an uptick in brute force attacks from the outside attempting to log into valid email addresses on my mailenable server. The only methods in mailenable that I see to combat this are the user lockout (problem with this is the customer is the one that gets punished by having their account locked down) and the abuse detection and prevention.

How many attempts have to be made before the abuse detection and prevention actually kick in and lock out an address as it seems like it isn't doing its job. Also are there any other tools or options I can use to prevent these outside sources from constantly cracking away at a users password till they eventually crack their way in? Is there any way to establish tarpitting in mailenable to deter the attempts by slowing down their ability to keep trying logins over and over?

Andy

MailEnable-Ian
Site Admin
Posts: 9738
Joined: Mon Mar 22, 2004 4:44 am
Location: Melbourne, Victoria, Australia

Re: brute force attacks

Post by MailEnable-Ian »

Hi,

For abuse detection and prevention values please see: http://www.mailenable.com/kb/content/ar ... D=me020610

Other than the security options available within MailEnable to help prevent Dos Attacks the next step is to stop them from connecting to the MailEnable server via a firewall or spam gateway that is specifically designed to stop Dos attacks.
Regards,

Ian Margarone
MailEnable Support

twun
Posts: 24
Joined: Tue Dec 16, 2014 6:42 pm

Re: brute force attacks

Post by twun »

I am in the same situation, I have abuse detection turned on with a threshold of 5 and getting constant attempts to crack passwords, my system messages are littered with abuse detection entries every 10 minutes. I have had 6 passwords cracked this week, I will try enforce more complicated passwords.

Can anyone recommend a firewall or spam gateway that would deal with these kind of attacks?

Philb
Posts: 50
Joined: Fri Jul 25, 2003 11:02 pm
Location: Sydney, NSW, Australia

Re: brute force attacks

Post by Philb »

pfSense firewall with postfix/postscreen forwarder package.

jmills1986
Posts: 6
Joined: Thu Oct 02, 2014 8:34 pm

Re: brute force attacks

Post by jmills1986 »

http://www.scrolloutf1.com/
Open Source spam gateway based on Debian and works like a champ. Been using it for a few months now.

stephanic
Posts: 1
Joined: Tue Aug 30, 2016 7:55 am

Re: brute force attacks

Post by stephanic »

Hi,
The attacks can happen anytime and you even don't know about it. Well you may be not aware of Brute force attack and this is also very harmful. When it attacks you may don't know and therefore you should know about it. Well some of the tips are there which can help you to protect you from brute force attack.
See more on: http://www.combatpcviruses.com/brute-fo ... ots-at-bay

Post Reply