HIDS 3360

From Atomicorp Wiki
Jump to: navigation, search

Rule ID

3360

Status

Active rule currently published


Description

This rule detects mass SMTP Authentication failures against Postfix. The threshold is 10 failures over a 3600 second time frame from the same source IP.

False Positives

None


Tuning Recommendations

None

Retrieved from "https://wiki.atomicorp.com/wiki/index.php?title=HIDS_3360&oldid=4308"
Personal tools