similar to: Recommendations on intrusion prevention/detection?

<div dir='auto'>Usually I use pfsense as main firewall with snort blocking all kind of scans and others.<div dir="auto"><br></div><div dir="auto">Fail2ban triggering after 3 unsuccessful tries and for last iptables if Linux or ipfw If Freebsd</div><div dir="auto"><br></div><div

On 2020-04-22 5:29 a.m., Johannes Rohr wrote: > Dear all, > > what are the key strategies for intrusion prevention and detection with > dovecot, apart from installing fail2ban? > It is a pity that the IMAP protocol does not support 2 factor > authentication, which seems to stop 90% of intrusion attempts in their > tracks. Without it, if someone has obtained your password and

<div dir='auto'>Iptables or ipfw you always can create tables / chains and feed those with desirable IP's to ban.<div dir="auto"><br></div><div dir="auto">Something like fail2ban does. Make a big list, remove one or other IP.</div><div dir="auto"><br></div><div dir="auto">On my setup, I

> On 22. Apr 2020, at 19.14, Michael Peddemors <michael at linuxmagic.com> wrote: > The three most common attack vectors, (and attack volumes have never been higher) are: > > * Sniffed unencrypted credentials > (Assume every home wifi router and CPE equipment are compromised ;) > * Re-used passwords where data is exposed from another site's breach > (Users WANT to

I block all my email ports except 25 from countries where I am not going to be sending or receiving email. I also block many datacenters, but blocking Digital Ocean, Vultur and AWS will get you 90%of the way there. You will need to use 587, that is no auth on 25. Again no blocking on 25, just block the other email ports. I get maybe one attempt to log into my email account a week. Yeah not as

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> Those plugins can be resurrected with simple `git revert`. </div> <div> <br> </div> <div> Are you planning on open sourcing your client id authetication plugin? </div> <div> <br> </div>

So I am on of the many users with qmail, and using vpopmail auth, I guess chatting with some other guys in the other mailing list we will convert to mysql driver but this is a lot of work for many people. I do understand dropping things out but a valid solutions needs to be proposed. Remo > On Mar 18, 2020, at 06:49, Michael Peddemors <michael at linuxmagic.com> wrote: > >

Am 23.06.2020 um 07:33 schrieb Bernardo Reino: > If you use postfix a "workaround" is to temporarily disable postscreen, > which IIRC is the one (rightly) complaining about the improper pipelining. > > Cheers, > Bernardo Reino No, submitting on SMTP port 25 would be the wrong step. There's submission on port 587 or submissions (formerly called smtps) on port 465

Is 2 factor authentication possible on dovecot? -- Member - Liberal International This is doctor@@nl2k.ab.ca Ici doctor@@nl2k.ab.ca Yahweh, Queen & country!Never Satan President Republic!Beware AntiChrist rising! Look at Psalms 14 and 53 on Atheism https://www.empire.kred/ROOTNK?t=94a1f39b New Brunswick Save The PRovince Vote Liberal 14 Sept!!

I'm looking for some beta testers to provide feedback on an Asterisk intrusion detection & prevention program we're releasing soon. As a quick overview, the program provides: - banning based on geographic location of source IP (Continent, country, region, city, etc) - detection and banning based on channels in use by a user - detection and banning based on rate of dialing - detection

Situation: We are providing hosting services. I've grown tired of the various kiddie scripts/dictionary attacks on various services. The latest has been against vsftpd, on systems that I can't easily control vs. putting strict limits on ssh. We simply have too many users entering from too many networks many with dynamic IP addresses. Enter.... thinking about LIDS or Log Based

It installed correctly, however when trying to run, I briefly get a window appearing, and then it crashes. A trace reveals: <snip> fixme:ole:MSFT_DoTypeInfo Assign constructor/destructor memid fixme:ole:CoRegisterMessageFilter stub wine: Unhandled exception, starting debugger... Could not stat /mnt/fd0 (No such file or directory), ignoring drive A: Could not stat /mnt/fd0 (No such file or

Hi, Any one got Oracle client running under wine? I am trying to get a VB application run under wine. I got to the point where it asks for Oracle Client. I tried to run the native windows installer, but failed. Any one with a better way? Possibly adding some dlls and some entries in registry? raj

On 2020-04-22 18:45, Sami Ketola wrote: > Actually by far the biggest source of stolen credentials is > viruses/trojans harvesting them. i tryed blacklist all ips that got passwords errors, but that ends in big shorewall blrules so i turn it over to just add whitelist into blrules where ips is known custommers that dont abuse server, that way my shorewall got alot smaller config files

<!doctype html> <html> <head> <meta charset="UTF-8"> </head> <body> <div> <br> </div> <blockquote type="cite"> <div> On 22/04/2020 19:56 Benny Pedersen < <a href="mailto:me@junc.eu">me@junc.eu</a>> wrote: </div> <div> <br>

Hi! Dovecot is now a nearly 20 year old product, and during that time it has accumulated many different features and plugins in its core repository. We are starting to gradually remove some of these parts, which are unused, untested or deprecated. We will provide advance notification before removing anything. To start, the following features are likely to be removed in next few releases of

Hi! Dovecot is now a nearly 20 year old product, and during that time it has accumulated many different features and plugins in its core repository. We are starting to gradually remove some of these parts, which are unused, untested or deprecated. We will provide advance notification before removing anything. To start, the following features are likely to be removed in next few releases of

Hello, I would like to implement some kind of two factors authentication, in Dovecot. I am thinking about using the post login script, to check for unusual behaviour, like say, a different country / IP address or an unusual hour. I already wrote a simple shell script that check these factors, but now, I have some options for the following, and I need to know your opinion if this is feasible or

Greetings, We're in the process of upgrading our Dovecot server to new hardware and new expanded storage.? We planned on using an NFS share for the mail storage, as we're running Postfix / Dovecot on a VM and wanted to separate out the mail storage from the VM for backup reasons. I read as much as I could find on line regarding configuring Dovecot to use NFS, and set it up as best I

Hi! We appreciate the feedback we have received from everyone, and we have discussed it internally. The features we are removing are deprecated and should not have been used anymore. They all have alternatives that work equally well if not better. For the authentication drivers, you can use passwd, pam and Lua as replacements for most of them. Lua in particular allows good integration with just