[Mailman-Users] Brute force attacks on mailman web ui
Lindsay Haisley
fmouse at fmp.com
Mon Apr 16 10:46:21 EDT 2018
On Sun, 2018-04-15 at 22:53 +0000, Steven Jones wrote:
> We are currently under brute force attack on our mailman server's web
> ui.
>
>
> Is there anything / feature that Mailman has that can be used to
> watch/monitor it?
A related question would be whether there's any way to correlate failed
web UI login attempts with IP addresses. It doesn't appear that at
present Mailman 2 logs failed web UI attempts at all, although I may be
missing something.
If this were possible, a system-level utility such as fail2ban could be
used to monitor logs and establish kernel filter rules to block these
IPs.
--
Lindsay Haisley | "The first casualty when
FMP Computer Services | war comes is truth."
512-259-1190 |
http://www.fmp.com | -- Hiram W Johnson
More information about the Mailman-Users
mailing list