On Mon, 2018-04-16 at 11:06 -0700, Mark Sapiro wrote:
> On 04/16/2018 10:45 AM, Lindsay Haisley wrote:
> >
> > Apache will log the access, with IP addresse, but to the best of my
> > knowledge it won't log a Web UI login failure since this is an internal
> > matter for Mailman.
>
>
> As I said i
On 04/16/2018 10:45 AM, Lindsay Haisley wrote:
>
> Apache will log the access, with IP addresse, but to the best of my
> knowledge it won't log a Web UI login failure since this is an internal
> matter for Mailman.
As I said in my prior reply, all Mailman login failures return a 401
status. Just
On 16-Apr-18 07:38, Rich Kulawiec wrote:
> On Mon, Apr 16, 2018 at 09:08:43AM +0200, mailman-admin wrote:
>> Brute Force attempts can only be mitigated by e.g. fail2ban.
> Nope. There are other ways.
>
> Brute force attacks can be pre-emptively blocked by nearly everyone
> operating a Mailman inst
On Mon, 2018-04-16 at 13:26 -0400, Robert Heller wrote:
> > > Is there anything / feature that Mailman has that can be used to
> > > watch/monitor it?
> >
> > A related question would be whether there's any way to correlate failed
> > web UI login attempts with IP addresses. It doesn't appear that
At Mon, 16 Apr 2018 09:46:21 -0500 fmo...@fmp.com wrote:
>
> On Sun, 2018-04-15 at 22:53 +, Steven Jones wrote:
> > We are currently under brute force attack on our mailman server's web
> > ui.
> >
> >
> > Is there anything / feature that Mailman has that can be used to
> > watch/monitor it
On 04/16/2018 07:46 AM, Lindsay Haisley wrote:
>
> A related question would be whether there's any way to correlate failed
> web UI login attempts with IP addresses. It doesn't appear that at
> present Mailman 2 logs failed web UI attempts at all, although I may be
> missing something.
Mailman r
On Sun, 2018-04-15 at 22:53 +, Steven Jones wrote:
> We are currently under brute force attack on our mailman server's web
> ui.
>
>
> Is there anything / feature that Mailman has that can be used to
> watch/monitor it?
A related question would be whether there's any way to correlate failed
On 4/15/2018 5:53 PM, Steven Jones wrote:
We are currently under brute force attack on our mailman server's web
ui.
Is there anything / feature that Mailman has that can be used to
watch/monitor it?
Can you elaborate on how they are attacking?
If it's a detectable pattern, I suggest you inves
On Mon, Apr 16, 2018 at 09:08:43AM +0200, mailman-admin wrote:
> Brute Force attempts can only be mitigated by e.g. fail2ban.
Nope. There are other ways.
Brute force attacks can be pre-emptively blocked by nearly everyone
operating a Mailman instance. (I say "nearly" for specific reasons
that w
Hi
Am 16.04.2018 um 00:53 schrieb Steven Jones:
> Hi,
>
> We are currently under brute force attack on our mailman server's web ui.
> Is there anything / feature that Mailman has that can be used to
> watch/monitor it?
> Sadly I think we'll have to remove it off the Internet.
>
>
This is
10 matches
Mail list logo