Re: [Mailman-Users] Brute force attacks on mailman web ui

2018-04-16 Thread Lindsay Haisley
On Mon, 2018-04-16 at 11:06 -0700, Mark Sapiro wrote: > On 04/16/2018 10:45 AM, Lindsay Haisley wrote: > > > > Apache will log the access, with IP address, but to the best of my > > knowledge it won't log a Web UI login failure since this is an internal > > matter for Mailman. > > > As I said i

Re: [Mailman-Users] Brute force attacks on mailman web ui

2018-04-16 Thread Mark Sapiro
On 04/16/2018 10:45 AM, Lindsay Haisley wrote: > > Apache will log the access, with IP address, but to the best of my > knowledge it won't log a Web UI login failure since this is an internal > matter for Mailman. As I said in my prior reply, all Mailman login failures return a 401 status. Just

Re: [Mailman-Users] Brute force attacks on mailman web ui

2018-04-16 Thread tlhackque via Mailman-Users
On 16-Apr-18 07:38, Rich Kulawiec wrote: > On Mon, Apr 16, 2018 at 09:08:43AM +0200, mailman-admin wrote: >> Brute Force attempts can only be mitigated by e.g. fail2ban. > Nope. There are other ways. > > Brute force attacks can be pre-emptively blocked by nearly everyone > operating a Mailman inst

Re: [Mailman-Users] Brute force attacks on mailman web ui

2018-04-16 Thread Lindsay Haisley
On Mon, 2018-04-16 at 13:26 -0400, Robert Heller wrote: > > > Is there anything / feature that Mailman has that can be used to > > > watch/monitor it? > >  > > A related question would be whether there's any way to correlate failed > > web UI login attempts with IP addresses. It doesn't appear that

Re: [Mailman-Users] Brute force attacks on mailman web ui

2018-04-16 Thread Robert Heller
At Mon, 16 Apr 2018 09:46:21 -0500 fmo...@fmp.com wrote: > > On Sun, 2018-04-15 at 22:53 +, Steven Jones wrote: > > We are currently under brute force attack on our mailman server's web > > ui. > > > > > > Is there anything / feature that Mailman has that can be used to > > watch/monitor it

Re: [Mailman-Users] Brute force attacks on mailman web ui

2018-04-16 Thread Mark Sapiro
On 04/16/2018 07:46 AM, Lindsay Haisley wrote: > > A related question would be whether there's any way to correlate failed > web UI login attempts with IP addresses. It doesn't appear that at > present Mailman 2 logs failed web UI attempts at all, although I may be > missing something. Mailman r

Re: [Mailman-Users] Brute force attacks on mailman web ui

2018-04-16 Thread Lindsay Haisley
On Sun, 2018-04-15 at 22:53 +, Steven Jones wrote: > We are currently under brute force attack on our mailman server's web > ui. > > > Is there anything / feature that Mailman has that can be used to > watch/monitor it? A related question would be whether there's any way to correlate failed

Re: [Mailman-Users] Brute force attacks on mailman web ui

2018-04-16 Thread David Gibbs
On 4/15/2018 5:53 PM, Steven Jones wrote: We are currently under brute force attack on our mailman server's web ui. Is there anything / feature that Mailman has that can be used to watch/monitor it? Can you elaborate on how they are attacking? If it's a detectable pattern, I suggest you inves

Re: [Mailman-Users] Brute force attacks on mailman web ui

2018-04-16 Thread Rich Kulawiec
On Mon, Apr 16, 2018 at 09:08:43AM +0200, mailman-admin wrote: > Brute Force attempts can only be mitigated by e.g. fail2ban. Nope. There are other ways. Brute force attacks can be pre-emptively blocked by nearly everyone operating a Mailman instance. (I say "nearly" for specific reasons that w

Re: [Mailman-Users] Brute force attacks on mailman web ui

2018-04-16 Thread mailman-admin
Hi On 16.04.2018 at 00:53, Steven Jones wrote: > Hi, > > We are currently under brute force attack on our mailman server's web ui. > Is there anything / feature that Mailman has that can be used to > watch/monitor it? > Sadly I think we'll have to remove it off the Internet. > > This is