Hello I have seen in the last 3 days a bruteforce login for one email account. The method is very smart , as every connection come from a different unique ip (almost 99% are unique). I have count until now aproximative 2000 ip that are trying to guess the password. The most of them are from Ukraine and Russia, but they are from all over the world, and i can't block all ip's from a country because we have some business contacts in those areas. (for the record : i have seen now for the first time unusual rutable ipv4 addresses like 2.133.199.0 or 186.9.248.255 )
Can you provide a tip how to block this smart attack from assp? I don't want to use another tool , if it's not allready in assp , there should be a method that count the number of bad auth for an account and make one trigger that allow only ip's from some specific country .... it's hard to think about a proper way to block this. I will make a script that take all the classes from one country that i don't trust and limit all connection to one per 10 min. Perhaps assp could introduce something like this. I hope someone could help about how to mitigate this attack. Thank you for your time and very hard and good work , Fritz and Thomas and all people that have a contribute to assp. ------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees _______________________________________________ Assp-test mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/assp-test
