HIDS 3360

From Atomicorp Wiki
Jump to: navigation, search

Rule ID

3360

Status

Active rule currently published


Description

This rule detects mass SMTP Authentication failures against Postfix. The threshold is 10 failures over a 3600 second time frame from the same source IP.

False Positives

None


Tuning Recommendations

None

Personal tools