user192702

Asked: 2013-11-06 06:53:02 +0800 CST2013-11-06 06:53:02 +0800 CST 2013-11-06 06:53:02 +0800 CST

Watchguard XTM blocking login attempts

routinely I'm seeing lots of login attempts to my mail server trying out various login names starting from A to Z coming from the one IP on one day and another IP on another day. Is there any means to detect this type of activities and block accordingly? I asked Watchguard and it appears they don't support this on their XTM series. Anything else I can do other than to have a super long password?

1 Answers

Voted

HBruijn
2013-11-06T08:02:38+08:002013-11-06T08:02:38+08:00
This is a typical example of the "background noise" you'll find on most servers exposed to the internet.

A common solution is to have a script parse your log files to find those repeat offenders and then block the originating ip-adresses in the servers local firewall.

fail2ban is one such example.
0

Watchguard XTM blocking login attempts

Can you pass user/pass for HTTP Basic Authentication in URL parameters?

Ping a Specific Port

Check if port is open or closed on a Linux server?

How to automate SSH login with password?

How do I tell Git for Windows where to find my private RSA key?

What's the default superuser username/password for postgres after a new install?

What port does SFTP use?

Command line to list users in a Windows Active Directory group?

What is a Pem file and how does it differ from other OpenSSL Generated Key File Formats?

How to determine if a bash variable is empty?