[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [ISSForum] Password stealing attacks



Yes it will. The signature is HTTP_Auth_Failed. It triggers on an
excessive (configurable) number of failed login attempts within a
configurable period of time. It tracks failures per source IP.

-----Original Message-----
From: issforum-bounces@xxxxxxxxxxxxxxxx On Behalf Of Gijo Thomas
Sent: Tuesday, January 11, 2005 9:05 PM
To: issforum@xxxxxxxxxxxxxxxx
Subject: [ISSForum] Password stealing attacks


Hi All,

Will network sensor pickup password stealing attacks? If someone does a
Bruit force on my web servers, will my network sensor sitting at the web
gateway pick up the same?


Thanks and regards

Gij Thomas.
_______________________________________________
ISSForum mailing list
ISSForum@xxxxxxx

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to
https://atla-mm1.iss.net/mailman/listinfo/issforum

To contact the ISSForum Moderator, send email to mod-issforum@xxxxxxx

The ISSForum mailing list is hosted and managed by Internet Security
Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.

_______________________________________________
ISSForum mailing list
ISSForum@xxxxxxx

TO UNSUBSCRIBE OR CHANGE YOUR SUBSCRIPTION, go to https://atla-mm1.iss.net/mailman/listinfo/issforum

To contact the ISSForum Moderator, send email to mod-issforum@xxxxxxx

The ISSForum mailing list is hosted and managed by Internet Security Systems, 6303 Barfield Road, Atlanta, Georgia, USA 30328.