Questions tagged [brute-force-attacks]
194 questions
4
votes
1 answer
User account was locked out from exchange server - how to prevent in future?
I had a bizarre instance this morning and I'm hoping someone can help me shed some light as to what's happened.
A user complained about being locked out this morning. After resetting the password, we noticed that the account was almost…
![](../../users/profiles/50197.webp)
DKNUCKLES
- 4,028
- 9
- 45
- 60
4
votes
2 answers
How to stop or prevent Postfix / smtpd / Sasl brute forcing
There are numerous attempts to connect to my mail server in order to send mail either unauthenticated or to guess username and password to, I suppose, accomplish the same.
Should I fight against that, just like in ssh case, and how?
Just a note: I…
![](../../users/profiles/178855.webp)
Miloš Đakonović
- 640
- 3
- 9
- 28
4
votes
3 answers
Check IP who is visiting my site on nginx
I don't really want to know about this since I would like to keep it really private and give my visitor their privacy as much as possible (Not that my blog is popular though).
I just installed Ubuntu with nginx from Digital Ocean with the Ghost…
![](../../users/profiles/199627.webp)
alicoding
- 43
- 1
- 3
4
votes
3 answers
Prevent brute force attacks in Microsoft FTP Server (IIS6/7)
Looking over my ftp-server logfiles, I find a lot of brute force attacks, where the same IP-address tries 100s of username/password combinations.
Is there something I can do to make life harder on these brute force attackers? Something like an IP is…
![](../../users/profiles/1194.webp)
Kjensen
- 1,009
- 9
- 28
- 39
4
votes
1 answer
How can I stop brute force with IIS6 basic http authentication?
Is there a way to restrict incorrect login attempts and add some sort of timeout to stop basic auth being brute forced, using IIS?
![](../../users/profiles/85421.webp)
Andrew
- 53
- 3
4
votes
1 answer
Attempt to access SQL Server with the user SA
Possible Duplicate:
Attempt to access SQL Server with the user SA
I'm suffering an attempted invasion by brute force.
A bot is trying to figure out the sa password. How do I restrict logins 3 attempts in SQL Server?
Moreover, I would like to…
![](../../users/profiles/81852.webp)
ridermansb
- 215
- 3
- 9
4
votes
1 answer
How to use fail2ban to parse Nginx access log to count 404's and ban ip addresses?
How can I use fail2ban to parse Nginx access log to count 404's and 502's, and ban ip addresses with too many requests?
![](../../users/profiles/41493.webp)
deb
- 245
- 1
- 4
- 7
4
votes
2 answers
How to secure Outlook Web Access against Brute Force attack?
I'd like to secure Outlook Web Access with Exchange 2010 against a brute force attack using account lockout.
What is the best way to do this?
I have the following group policy:
Computer Configuration\Windows Settings\Security Settings\Account…
![](../../users/profiles/49995.webp)
SLY
- 1,286
- 1
- 13
- 28
4
votes
0 answers
Nginx: Rate limit failed basic auth attempts
Given a simple HTTP Basic Auth setup in Nginx (1.14.1 at time of writing) like this:
server {
...
location / {
auth basic "HTTP Auth Required";
auth basic user file "/path/to/htpasswd";
}
}
... how would one apply rate limiting to…
![](../../users/profiles/60165.webp)
JinnKo
- 411
- 3
- 7
3
votes
3 answers
How long should I make my SSL cert valid for?
* sgsax hates ssl certs
< Landon> indeed
< Landon> next time my servers cert expires I'm just going to make one
for 100 years or something ridiculously long
Is there anything wrong with the above reasoning? Obviously someone might…
![](../../users/profiles/919.webp)
jldugger
- 14,122
- 19
- 73
- 129
3
votes
3 answers
Remote users attempting to gain access to root mysqld
I have just reviewed my syslog file and notice a TON of entries of the following:
Aug 25 13:06:17 ssrv001 mysqld: 150825 13:06:17 [Warning] Access denied for user 'root'@'61.160.232.48' (using password: YES)
The ip is malicious as no one but…
![](../../users/profiles/238269.webp)
nullReference
- 263
- 1
- 3
- 10
3
votes
1 answer
Ban IP Address on unsuccessful login on Server 2003
I'm regularly under brute force attacks on my Windows Server 2003 with Citrix installed. How can I automatically ban IP addresses that have several unsuccessful login attempts ?
This question has already a couple of answers that work on Windows…
![](../../users/profiles/185321.webp)
Lorenz Meyer
- 430
- 2
- 9
- 25
3
votes
10 answers
Ubuntu Server SSH
I have a server with ubuntu. I do work on it over SSH. I had a problem with brute force attempts over port 22. I changed the port and I assumed it fixed the brute force problem. Am I right or are the attempts on another port just not logged anymore…
Rob
3
votes
5 answers
Is it typical to get brute force attack attempts on a brand new server?
I recently migrated to a new host, a VPS solution. From day one, I started getting WHM/cPanel notifications of brute force attack attempts via root on the main account, 3-4 times per day. I know this is more and more typical in general, but...
My…
![](../../users/profiles/171682.webp)
technoTarek
- 133
- 5
3
votes
1 answer
Apache / Ubuntu 9.04: How do I counter-threats and improve the security of my server environment?
Our server hosts over a thousand sites, and some of them seem to have been hijacked by malicious scripts. These scripts run actions normally performed by a legitimate user en masse, causing severe strees on our server and often requires us to…
![](../../users/profiles/141568.webp)
SFox
- 133
- 4