On Tue, Dec 22, 2009 at 4:44 PM, Karl Pearson <karlp@xxxxxxxxxxxxxxxx> wrote:
> On Mon, December 21, 2009 1:30 am, Paul Lesniewski wrote:
>> On Sun, Dec 20, 2009 at 3:16 AM, countryuser <gregrees10@xxxxxxxxxxx>
>> wrote:
>>> I have had someone try to hack Squirrelmail 1.4.15 web page by sending
>>> multiple user names 1 after another for an infinite time or until they
>>> eventually crack it, it is a DoS for other users trying to login. Is there
>>> some way after say 3 attempts/failures to login to reject/block ip number
>>> for say 1 hour/day before another retry attempt from same ip number. My
>>> setup here is Debian Lenny, Postfix and Squirrelmail 1.4.15
>>
>> 1) Upgrade. 1.4.15 is outdated and contains known security holes.
>> 2) Install and configure the Lockdown plugin, optionally the CAPTCHA
>> plugin and possibly the Restrict Senders plugin.
>
> You might want to look at fail2ban, which would be customizable for any
> TCP service on the server. Currently I use it for SSH, but I'm pretty
> sure it can be configured to watch failed logins for Dovecot, or
> whatever IMAP server you are using behind the scenes.

There's also information in the Squirrel Logger plugin on how to use
fail2ban against SquirrelMail login failures logged with Squirrel Logger.

--
Paul Lesniewski
SquirrelMail Team
Please support Open Source Software by donating to SquirrelMail!
http://squirrelmail.org/donate_paul_lesniewski.php

-----
squirrelmail-users mailing list
Posting guidelines: http://squirrelmail.org/postingguidelines
List address: squirrelmail-users@xxxxxxxxxxxxxxxxxxxxx
List archives: http://news.gmane.org/gmane.mail.squirrelmail.user
List info (subscribe/unsubscribe/change options): https://lists.sourceforge.net/lists/listinfo/squirrelmail-users
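
The policy asked about in this thread (block an IP address for an hour after 3 failed logins), sketched as an added example that is not part of the original messages and is not fail2ban or SquirrelMail code. The `time|ip|user|result` log format and the 10-minute counting window are assumptions; the three constants play the role of fail2ban's `maxretry`, `findtime` and `bantime` settings.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

MAX_RETRY = 3                      # failures allowed before a ban
FIND_TIME = timedelta(minutes=10)  # window in which failures are counted (assumed)
BAN_TIME = timedelta(hours=1)      # how long the address stays blocked

# Constructed sample lines in a hypothetical "time|ip|user|result" format.
SAMPLE_LOG = """\
2009-12-20 03:00:01|203.0.113.7|alice|FAIL
2009-12-20 03:00:03|203.0.113.7|bob|FAIL
2009-12-20 03:00:04|198.51.100.9|greg|FAIL
2009-12-20 03:00:05|203.0.113.7|carol|FAIL
2009-12-20 03:00:06|203.0.113.7|dave|FAIL
2009-12-20 03:20:00|198.51.100.9|greg|FAIL
2009-12-20 03:20:30|198.51.100.9|greg|OK
2009-12-20 04:00:06|203.0.113.7|erin|FAIL
"""

def evaluate(log_text):
    """Return a list of (ip, ban_start, ban_end) decisions for the log."""
    failures = defaultdict(deque)   # ip -> timestamps of recent failures
    banned_until = {}               # ip -> time the current ban expires
    bans = []
    for line in log_text.splitlines():
        stamp, ip, _user, result = line.split("|")
        now = datetime.strptime(stamp, "%Y-%m-%d %H:%M:%S")
        if result != "FAIL":
            continue                # successes neither count nor reset the tally
        if ip in banned_until and now < banned_until[ip]:
            continue                # still blocked; a firewall rule would drop this
        recent = failures[ip]
        recent.append(now)
        while recent and now - recent[0] > FIND_TIME:
            recent.popleft()        # forget failures older than the window
        if len(recent) >= MAX_RETRY:
            banned_until[ip] = now + BAN_TIME
            bans.append((ip, now, banned_until[ip]))
            recent.clear()          # start counting afresh once the ban ends
    return bans

if __name__ == "__main__":
    for ip, start, end in evaluate(SAMPLE_LOG):
        print(f"ban {ip} from {start} until {end}")
```

Counting is per source address, not per username, so a run of different user names from one address still triggers the ban, while the legitimate user who mistypes twice twenty minutes apart is left alone.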