[Dovecot] No tcp wrappers, other ideas to help stop brute force attacks?
John Peacock
jpeacock at rowman.com
Wed Aug 30 23:00:43 EEST 2006
David Rees wrote:
> Got any suggestions on an IDS which may be suitable? Can't really be
> part of the firewall as the firewall in this case is a separate system
> and doesn't have the capability to detect failed dovecot logins,
> especially if they are using SSL.
I'm still trying to figure that out for myself. ;-) Not knowing what
firewall you are using, at least some of them support programmatically
adding forbidden hosts (I know that Watchguard does).
As far as IDS's, Snort:
http://www.snort.org/
is one of the better known ones, and as soon as I can figure out how to
slow the rotation of the Earth to provide for 50 hour days, I'll have
some time to check it out... :0
John
--
John Peacock
Director of Information Research and Technology
Rowman & Littlefield Publishing Group
4501 Forbes Boulevard
Suite H
Lanham, MD 20706
301-459-3366 x.5010
fax 301-429-5748
More information about the dovecot
mailing list