[Dovecot] No tcp wrappers, other ideas to help stop brute force attacks?
Ken A
ka at pacific.net
Wed Aug 30 23:42:46 EEST 2006
http://www.ossec.net/
fail2ban looks interesting too, but doesn't appear to allow
whitelisting? That could be bad..
Ken
Pacific.Net
David Rees wrote:
> I'm looking for a way to deny access to dovecot from certain IP
> addresses, basically to help prevent brute force attacks on the
> server.
>
> Right now I'm using denyhosts which scans /var/log/secure for
> authentication failures which then can add an entry to
> /etc/hosts.deny, but since dovecot doesn't have tcp wrappers support,
> that doesn't do anything.
>
> It doesn't look like I can run dovecot run xinetd.
>
> Any other ideas to help protect dovecot from brute force attacks? I
> don't think pam can help, can it?
>
> Otherwise I need to figure out a way to have denyhosts trigger
> iptables rules or something, or maybe there's another application that
> will work?
>
> -Dave
>
More information about the dovecot
mailing list