Results 1 to 3 of 3

Thread: tickets about brute force attacks

  1. #1
    Join Date
    Oct 2017
    Posts
    12

    Question tickets about brute force attacks

    Hi,
    I get a lot of tickets like
    subject:
    Brute-Force Attack detected in service log from IP(s) 185.222.209.14, 91.200.12.174, 91.200.12.218

    content:
    A brute force attack has been detected in one of your service logs.

    IP 185.222.209.14 has 650 failed login attempts: exim2=650
    IP 91.200.12.174 has 335 failed login attempts: exim2=335
    IP 91.200.12.218 has 339 failed login attempts: exim2=339

    Check 'Admin Level -> Brute Force Monitor' for more information
    http://help.directadmin.com/item.php?id=404


    with the same ip, why the system don't block them?
    how can I stop it? or how to stop the tickets created about that?

    thank you

  2. #2
    Join Date
    Aug 2015
    Posts
    277
    Detecting and preventing brute force login attacks:
    https://help.directadmin.com/item.php?id=404

    How to block IPs with Brute Force Monitor in DirectAdmin using CSF?
    https://help.poralix.com/articles/ho...irectadmin-bfm

    I trust my brute force attack blocking system, I don't need to see all of the BFM messages.
    https://help.directadmin.com/item.php?id=549
    Kind regards, Fred

    Alentejo Webdesign
    Webdesign with Passion is what we do
    Web development, Hosting, Speed Optimizing & More......

  3. #3
    Join Date
    Jun 2012
    Posts
    626
    I also use this method mentioned above
    https://help.poralix.com/articles/ho...irectadmin-bfm
    i think thats zEitEr site/documents but may be wrong.
    but its worked well for me, I keep eye on csf/lfd and brute force monitor in DA anyways so don't need tons of emails/tickets
    Dave M

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •