tor 2006-05-18 klockan 15:08 +0200 skrev alberto.avi@xxxxxxxxx: > In fact, I think that my Squid 2.5.STABLE10 system is open to brute > force password attack. > In this situation in the access.log I see "TCP_DENIED/407" error > messages but I don't know who is the user under attack. > I'd like to know the userid under attack to suspend it at LDAP level. Hmm.. the username should be there if it was an authentication request and not just an unauthenticated request. Verifying. Yes it is. Failed logins indicate the user name. Request without any login information don't.. Regards Henrik
Attachment:
signature.asc
Description: Detta =?ISO-8859-1?Q?=E4r?= en digitalt signerad meddelandedel
