Does hosts.deny work against SMTP RCPT brute force attacks

aceyzeriat · Aug 23, 2007

Hello

I have had trouble with SSH / FTP hackers trying brute force attacks but that was easily solved with Denyhost.

Now I have a more tricky attack,
A hacker trying every combination of mail adresse on one of the domaine I host.
Each attempt comes from a different server

After a while I noticed the servers are indeed cyclic so there is a finite number of servers to ban from connecting to my SMTP.

Is there an easy way to ban a an URL from connecting to my SMTP ?

Thanks,
Arnaud

falko · Aug 24, 2007

You can use fail2ban for this ( http://www.howtoforge.com/fail2ban_debian_etch ). It uses iptables rules to block hackers...

Tripple2 · Aug 26, 2007

I'm using Blockhosts. Very easy setup.

http://www.aczoom.com/tools/blockhosts/

Log in or Sign up

Does hosts.deny work against SMTP RCPT brute force attacks

aceyzeriat New Member

falko Super Moderator Howtoforge Staff

Tripple2 New Member

Share This Page

Log in or Sign up

Does hosts.deny work against SMTP RCPT brute force attacks

aceyzeriat New Member

falko Super Moderator Howtoforge Staff

Tripple2 New Member

Share This Page

Useful Searches