Difference between revisions of "HIDS 3360"
From Atomicorp Wiki
(Created page with "'''Rule ID''' 3360 '''Status''' Active rule currently published '''Description''' This rule detects mass SMTP Authentication failures against Postfix. The threshold is 1...") |
Latest revision as of 10:17, 4 December 2013
Rule ID
3360
Status
Active rule currently published
Description
This rule detects mass SMTP Authentication failures against Postfix. The threshold is 10 failures over a 3600 second time frame from the same source IP.
False Positives
None
Tuning Recommendations
None
