• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Question about preventing brute force attacks with ISA

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> General >> Question about preventing brute force attacks with ISA Page: [1]
Login
Message << Older Topic   Newer Topic >>
Question about preventing brute force attacks with ISA - 4.Feb.2008 5:49:04 PM   
j.b.

 

Posts: 1
Joined: 4.Feb.2008
Status: offline
Hi, I'm fairly new to the ISA world. You could say i'm also new to the security world aswell. Recently I've been reviewing the logs for my FTP site, (running on IIS 6.0 server in DMZ beehind ISA 2004) and have noticed repeated brute force attacks. The IP of the attacker is constantly changing so i can't block specific IP's. I'd love to hear some thoughts from some of you ISA guru's out there, on what I can do to resolve this issue.

Thanks.

< Message edited by j.b. -- 4.Feb.2008 11:57:29 PM >
Post #: 1
RE: Question about preventing brute force attacks with ISA - 5.Feb.2008 12:02:39 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Good question. No firewall is going to protect you against brute force attacks. The key to preventing a successful brute forece attack is to insure password complexity requirements.

HTH,
Tom

_____________________________

Thomas W Shinder, M.D.

(in reply to j.b.)
Post #: 2
RE: Question about preventing brute force attacks with ISA - 5.Feb.2008 7:46:46 PM   
ferrix

 

Posts: 547
Joined: 16.Mar.2005
Status: offline
Having an account lockout in place is helpful to slow down or frustrate a brute force.  Especially if it looks externally like the attempts are still "working" when the acct is locked.

(in reply to tshinder)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> General >> Question about preventing brute force attacks with ISA Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts