Hello,
I'm using Digest Authentication and H1 hash data (
H1=hash("userid":"realm":"password") ) are on an LDAP server.
My external authenticator read userid and realm from stdinput, make an
ldap search against LDAP server and then return to Squid the H1 hash on
stdoutput.
Can Squid notify me if the current user authentication go wrong ?
In fact, I think that my Squid 2.5.STABLE10 system is open to brute
force password attack.
In this situation in the access.log I see "TCP_DENIED/407" error
messages but I don't know who is the user under attack.
I'd like to know the userid under attack to suspend it at LDAP level.
Thank you for your attention.
Alberto.
