Brute Force attacks trying to login to an email account
cphulk is detecting a massive attempt to access an email account (around 5 times per second, nonstop).
The attack comes from IPs from neighbour countries, so we just cant block any range of IPs. They also use a roundrobin, with only 2 attacks per IP.
The account is not in use anymore, but we cant just delete it (it still receives valid emails).
Any idea what to do to stop this hammering?
Regards,
Martin R.
Re: Brute Force attacks trying to login to an email account
If the account isn't in use anymore, why not delete the account and set a forward to another account. If the account doesn't exist, it can still receive forwards to an existing account. With the account no longer existing, it cannot be brute force attacked any longer then.
cPResources: Support Options | More Support Options | Forums Search | cPanel.net Site Search | Mailing Lists(Alt) | Docs
-- Tristan, Forums Technical Analyst, cPanel Tech Support
Submit a ticket | Check an existing ticket
LinkBack URL
About LinkBacks
Reply With Quote