Hi Am 16.04.2018 um 00:53 schrieb Steven Jones: > Hi, > > We are currently under brute force attack on our mailman server's web ui. > Is there anything / feature that Mailman has that can be used to > watch/monitor it? > Sadly I think we'll have to remove it off the Internet..... > >
This is not a mailman specific problem. Brute Force attempts can only be mitigated by e.g. fail2ban. It monitors your log files and will block access for IPs that try to login too often with invalid credentials for a short time. This will only catch IPs which try multiple times. A DDoS with constantly changing IPs will still hurt you. Kind regards, Christian Mack ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
