>I just had a chilling thought. What if..
>
>Does the portmaster 2e ComOs care about repeated hacking attempts
>from its WAN or LAN ports? Say some clever programmer were to repeatedly
>do a brute force attack on the device, :
>
> login: !root
> password: aaab
> login: !root
> password: aaac
> login: !root
> password: aaad
>
>and so on and on. Q:
> a) how would we identify the attack is taking place?
On a pm3 with ComOS v3.8b13 +, all admin logins are accounted for in the
RADIUS accounting logs.
> b) is it possible to stop it?
Yes,
1. By blocking telnet access to your portmaster at your router. Note:
It won't prevent your users from trying to hack the portmaster.
2. Adding a filter that allows only certain computers to access the PM via
the telnet port.
Scot
-
To unsubscribe, email 'majordomo@livingston.com' with
'unsubscribe portmaster-users' in the body of the message.
Searchable list archive: <URL:http://www.livingston.com/Tech/archive/>