IP Reputation

Community forum to discuss cxs.
If you believe that there is a problem with your cxs installation and want support then, as a paid product, you should use the helpdesk after having consulted the documentation.
1 post Page 1 of 1
biadmin
Junior Member
Posts: 6
Joined: 21 Feb 2018, 23:13


Hi,
I had an issue with the firewall blocking a client who's password was changed and her phone kept trying to login triggering the bad login attempts. Since the firewall on the server changed, it took me a while to figure out that is what was happening.

If I enable IP Reputation, I have 3 concerns/questions.

1) If a client starts getting blocked and the cause is something like the situation above, how do I tell that is the cause of the access problem? Or if the client's IP gets reported because of some other server reporting it based on something like the situation above?

2) What prevents the situation above from from reporting, in this case, my client's IP as a bad actor?

3) Will white listed IP's get through even if they appear on one of the IP lists of bad actors?

I also will add a suggestion to the appropriate forum that I think the firewall should not have blocked her IP over the cell phone issue. If making a brute force attack, one would not use the same password over and over, so if the requests are not coming in fast enough to constitute a DOS attack, it should be recognized as not a malicious login failure, Am I mistaken?
1 post Page 1 of 1