Displaying 5 results from an estimated 5 matches for "wa9nui".
Did you mean:
wa9nuie
2017 Jul 20
3
under some kind of attack
...e question on this subject:
I would like to create a fail2ban filer, that scans for these lines:
> Jul 20 11:10:09 auth: Info: ldap(user1,60.166.35.162,<cDFXHbxUQgA8piOi>): invalid credentials (given password: password)
> Jul 20 11:10:19 auth: Info: ldap(user2,61.53.66.4,<V+nyHbxU+wA9NUIE>): invalid credentials (given password: password)
(as you can see, I have enabled auth_verbose_passwords to do this,
making me very uncomfortable...)
Anyway: since there are only a few password variations, I would like to
block anyone using those passwords.
(since the connections are over...
2017 Jul 20
0
under some kind of attack
...uld like to create a fail2ban filer, that scans for these lines:
>
>> Jul 20 11:10:09 auth: Info:
>> ldap(user1,60.166.35.162,<cDFXHbxUQgA8piOi>): invalid credentials
>> (given password: password)
>> Jul 20 11:10:19 auth: Info: ldap(user2,61.53.66.4,<V+nyHbxU+wA9NUIE>):
>> invalid credentials (given password: password)
>
> (as you can see, I have enabled auth_verbose_passwords to do this,
> making me very uncomfortable...)
>
> Anyway: since there are only a few password variations, I would like to
> block anyone using those pass...
2017 Jul 20
1
under some kind of attack
> I would like to create a fail2ban filer, that scans for these lines:
>
>> Jul 20 11:10:09 auth: Info: ldap(user1,60.166.35.162,<cDFXHbxUQgA8piOi>): invalid credentials (given password: password)
>> Jul 20 11:10:19 auth: Info: ldap(user2,61.53.66.4,<V+nyHbxU+wA9NUIE>): invalid credentials (given password: password)
>
> (as you can see, I have enabled auth_verbose_passwords to do this,
> making me very uncomfortable...)
>
> Anyway: since there are only a few password variations, I would like to
> block anyone using those passwords.
With a...
2017 Jul 20
3
under some kind of attack
...filer, that scans for these lines:
>>
>>> Jul 20 11:10:09 auth: Info:
>>> ldap(user1,60.166.35.162,<cDFXHbxUQgA8piOi>): invalid credentials
>>> (given password: password)
>>> Jul 20 11:10:19 auth: Info:
>>> ldap(user2,61.53.66.4,<V+nyHbxU+wA9NUIE>): invalid credentials (given
>>> password: password)
>>
>> (as you can see, I have enabled auth_verbose_passwords to do this,
>> making me very uncomfortable...)
>>
>> Anyway: since there are only a few password variations, I would like
>> to block...
2017 Jul 19
3
under some kind of attack
Hi Robert,
On 07/18/2017 11:43 PM, Robert Schetterer wrote:
> i guess not, but typical bots arent using ssl, check it
>
> however fail2ban sometimes is to slow
I have configured dovecot with
auth_failure_delay = 10 secs
I hope that before the 10 sec are over, dovecot will have logged about
the failed login attempt, and fail2ban will have blocked the ip by then.
MJ