[Mailman-Users] Brute force attacks on mailman web ui
Mark Sapiro
mark at msapiro.net
Mon Apr 16 12:29:16 EDT 2018
On 04/16/2018 07:46 AM, Lindsay Haisley wrote:
>
> A related question would be whether there's any way to correlate failed
> web UI login attempts with IP addresses. It doesn't appear that at
> present Mailman 2 logs failed web UI attempts at all, although I may be
> missing something.
Mailman responds to invalid login attempts from the admin, admindb,
options and private CGIs with a 401 Unauthorized status. These are (or
should be) logged by the web server along with the IP address and other
info.
In addition, if a list's membership is private, i.e. available only to
members or the admin, failed attempts to log in to the options page or
obtain a password reminder are logged by Mailman in the mischief log,
but only login failures have the IP address.
--
Mark Sapiro <mark at msapiro.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list