Difference between revisions of "HIDS 171303"
From Atomicorp Wiki
(Created page with " {{Infobox |header1= Rule 171303 |label2 = Status |data2 = Active |label3 = Alert Message |data3 = Known brute force attacker. }} = Description = ASL has detected a known b...") |
Latest revision as of 13:33, 24 September 2014
| Rule 171303 | |
|---|---|
| Status | Active |
| Alert Message | Known brute force attacker. |
Contents |
[edit] Description
ASL has detected a known brute force attacker that is attempting to brute force accounts in your mail server.
[edit] Troubleshooting
[edit] Solutions
If you wish to prevent ASL from shunning on these events, simply set Active Response for the rule to off. This will of course allow this attacker to continue to brute force accounts in your mail server.
[edit] False Positives
None. Please do not report this as a false positive unless ASL is incorrectly reporting an event that is:
1) not exim
or
2) you know this is not a brute force attacker, and please provide your mail logs if you believe this is the case and any other information you have have to help us understand what is happening with your system.
[edit] Additional Information
[edit] Similar Rules
None.
[edit] Knowledge Base Articles
None.
[edit] External Articles
None.
