7
CSF block force attacks on Exim
CSF / LFD block force attacks on Exim Centos
1. Backup /etc/csf/csf.conf
2. Make sure this exist in /etc/csf/csf.conf
LF_DAEMON = "1"
LF_CSF = "1"
SMTP_BLOCK = "1"
SMTPAUTH_LOG = "/var/log/exim/reject.log" SMTPRELAY_LOG = "/var/log/exim_mainlog" POP3D_LOG = "/var/log/maillog" IMAPD_LOG = "/var/log/maillog" SCRIPT_LOG = "/var/log/exim_mainlog"If reject.log not exist replace with log file with "Incorrect authentication data" messages 3. Restart LFD
csf --lfd restart4. Restart csf
csf -rOutput in /etc/csf/csf.deny
212.129.11.11 # lfd: (smtpauth) Failed SMTP AUTH login from 212.129.11.11<br />(FR/France/212-129-63-54.example.com): 5 in the last 3600 secs - Mon Jun 26 08:10:47 2017
rated 7 times
(7)
(0)
comments: 0 / hits: 3078
/ 4 years ago, mon, jun 26, 17, 09:21:15
More From
» Plain Text
Comments
There are no comments for this Snippet yet
Only authorized users can post. Please sign in first, or register a free account
Posted
paki
Member since Sep 7, 2016
Total Code Snippets: 12
Total Comments: 0
Location: n/a