hamlin11
asked on
Windows 2003 Server - I have people attempting to break into my email server - what is my proper response?
I've checked my email server logs, and I'm getting a lot of attempts to break in via brute-force + dictionary attacks.
I know the IP's that are doing it - is there an easy way for me to A) Block these IPs B) Automatically detect and block new ones in the future without affecting my email clients
Thanks
I know the IP's that are doing it - is there an easy way for me to A) Block these IPs B) Automatically detect and block new ones in the future without affecting my email clients
Thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
They're trying a variety of logins & passwords on a specific domain.
I'll block the IP on my firewall - do you think I should add an IP-Filter on the server itself or should I configure the hardware firewall outside my server?
Thanks for the tips
I'll block the IP on my firewall - do you think I should add an IP-Filter on the server itself or should I configure the hardware firewall outside my server?
Thanks for the tips
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Ok, I'll configure the hardware firewall.
Do you have any comments on the second part of my question -- Is there some way to either alert me via email when a cracker is trying to get in - or auto-block an IP that tries to access too much?
Thanks
P.S., my email server software does not have this functionality
Do you have any comments on the second part of my question -- Is there some way to either alert me via email when a cracker is trying to get in - or auto-block an IP that tries to access too much?
Thanks
P.S., my email server software does not have this functionality
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER