We are happy to announce that Vesta is back under active development as of 25 February 2024. We are working on v1 candidate and expect to engage more with the community over the coming months. We are committed to open source, and we encourage contributors to help us build the future of Vesta.
Attack BF Cracking Exim
Attack BF Cracking Exim
Hello everyone,
Here I find that I am needing some help. In these days I have received constant attacks by brute force. There are some that have implemented solution for this? I found this, but not if it's really what I need.
https://github.com/Exim/exim/wiki/BlockCracking
Fail2ban then blocks 2 failed attempts, but it seems a kind of botnet that always changes the IP address. I leave this log as an example ....
I will appreciate your help, greetings.
/var/log/exim/reject.log
[/size]
Here I find that I am needing some help. In these days I have received constant attacks by brute force. There are some that have implemented solution for this? I found this, but not if it's really what I need.
https://github.com/Exim/exim/wiki/BlockCracking
Fail2ban then blocks 2 failed attempts, but it seems a kind of botnet that always changes the IP address. I leave this log as an example ....
I will appreciate your help, greetings.
/var/log/exim/reject.log
Code: Select all
2016-10-31 15:18:23 dovecot_login authenticator failed for (http://www.pasealaliga.com.ar) [200.58.115.221]: 535 Incorrect authentication
2016-10-31 15:18:56 dovecot_login authenticator failed for (lawofattractionforkids.com) [64.235.42.4]: 535 Incorrect authentication
2016-10-31 15:19:10 dovecot_login authenticator failed for (dhgifts.com) [103.16.230.86]: 535 Incorrect authentication data (set_id
2016-10-31 15:19:23 dovecot_login authenticator failed for (goktugduman.com) [159.253.33.114]: 535 Incorrect authentication data (s
2016-10-31 15:19:54 dovecot_login authenticator failed for (jscscc.com) [114.215.189.151]: 535 Incorrect authentication data (set_i
2016-10-31 15:20:34 dovecot_login authenticator failed for (toto-weiyu.com) [123.1.180.22]: 535 Incorrect authentication data (set_
2016-10-31 15:21:07 dovecot_login authenticator failed for (pikehsalumni.com) [184.168.192.61]: 535 Incorrect authentication data (
2016-10-31 15:21:12 dovecot_login authenticator failed for (http://www.maracayproactiva.org.ve) [190.202.87.180]: 535 Incorrect authentica
2016-10-31 15:21:25 dovecot_login authenticator failed for (seagullpublishers.in) [182.50.130.73]: 535 Incorrect authentication dat
2016-10-31 15:21:27 dovecot_login authenticator failed for (ausbery.com) [118.123.20.122]: 535 Incorrect authentication data (set_i
2016-10-31 15:21:52 dovecot_login authenticator failed for (aiqiyidiaosu.com) [112.121.182.58]: 535 Incorrect authentication data (
2016-10-31 15:21:58 dovecot_login authenticator failed for (hoskingaustralia.com.au) [103.20.20.48]: 535 Incorrect authentication d
2016-10-31 15:21:58 dovecot_login authenticator failed for (9thfarnboroughscoutgroup.org.uk) [188.64.187.170]: 535 Incorrect authen
2016-10-31 15:22:08 dovecot_login authenticator failed for (vemaybay.me) [125.212.209.48]: 535 Incorrect authentication data (set_i
2016-10-31 15:22:42 dovecot_login authenticator failed for (dpu.linggakab.go.id) [124.40.255.177]: 535 Incorrect authentication dat
2016-10-31 15:23:18 dovecot_login authenticator failed for (citybrite.com) [202.65.135.196]: 535 Incorrect authentication data (set
2016-10-31 15:23:30 dovecot_login authenticator failed for (huetax.fr) [83.167.38.19]: 535 Incorrect authentication data (set_id=pr
2016-10-31 15:23:33 dovecot_login authenticator failed for (m.39hx.net) [210.209.80.103]: 535 Incorrect authentication data (set_id