Does hosts.deny work against SMTP RCPT brute force attacks
I have had trouble with SSH / FTP hackers trying brute force attacks but that was easily solved with Denyhost.
Now I have a more tricky attack,
A hacker trying every combination of mail adresse on one of the domaine I host.
Each attempt comes from a different server
After a while I noticed the servers are indeed cyclic so there is a finite number of servers to ban from connecting to my SMTP.
Is there an easy way to ban a an URL from connecting to my SMTP ?
You can use fail2ban for this ( http://www.howtoforge.com/fail2ban_debian_etch ). It uses iptables rules to block hackers...
I'm using Blockhosts. Very easy setup.
|All times are GMT +2. The time now is 15:21.|
Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.