[Mailman-Users] Brute force attacks on mailman web ui
Robert Heller
heller at deepsoft.com
Mon Apr 16 13:26:09 EDT 2018
At Mon, 16 Apr 2018 09:46:21 -0500 fmouse at fmp.com wrote:
>
> On Sun, 2018-04-15 at 22:53 +0000, Steven Jones wrote:
> > We are currently under brute force attack on our mailman server's web
> > ui.
> >
> >
> > Is there anything / feature that Mailman has that can be used to
> > watch/monitor it?
>
> A related question would be whether there's any way to correlate failed
> web UI login attempts with IP addresses. It doesn't appear that at
> present Mailman 2 logs failed web UI attempts at all, although I may be
> missing something.
They might be in Apache's logs.
>
> If this were possible, a system-level utility such as fail2ban could be
> used to monitor logs and establish kernel filter rules to block these
> IPs.
>
--
Robert Heller -- 978-544-6933
Deepwoods Software -- Custom Software Services
http://www.deepsoft.com/ -- Linux Administration Services
heller at deepsoft.com -- Webhosting Services
More information about the Mailman-Users
mailing list