[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: qpopper brute force attack

Carlos Acedo wrote:
I have received an attack to my pop3 server qpopper leading this to
crash, and every time I woke up it crashed again. Eventually I filtered
the attacker ip with iptables.

The attacker was trying to login with usual names with many attempts per
second (AKA brute force).

After the attack I'm not very confident to qpooper, so is there any good
alternatives to qpopper? what about xmail?

I've not used Xmail, but I use Dovecot (although only for myself as a single user) on one server, and Courier on a multi-user server (although considering the version of Dovecot in Etch when I upgrade it), although I have only had a couple of attempts on it.  I do use PAM to limit frequent connection attempts and PAM_abl to blacklist multiple failed logons though...



Gavin Westwood

http://hosting.solutium.co.uk - quality, affordable web hosting.

http://www.solutium.co.uk - IT Services and Support.

Reply to: