LFD should recognize a non-malicious repeat login failure...

Post Reply
biadmin
Junior Member
Posts: 6
Joined: 21 Feb 2018, 23:13

LFD should recognize a non-malicious repeat login failure...

Post by biadmin »

Hi,
I had an issue with the firewall blocking a client who's password was changed and her phone kept trying to login triggering the bad login attempts. Since the firewall on the server changed, it took me a while to figure out that is what was happening.

I think the firewall should not have blocked her IP over the cell phone issue. If making a brute force attack, one would not use the same password over and over, so if the requests are not coming in fast enough to constitute a DOS attack, it should be recognized as not a malicious login failure,

I realize this would require the logging of the password being used, but distinguishing this situation seems like a worthy thing to do.

Am I mistaken?

HOSTEDPOWER
Junior Member
Posts: 3
Joined: 26 Mar 2018, 21:59

Re: LFD should recognize a non-malicious repeat login failure...

Post by HOSTEDPOWER »

If this could be detected properly somehow that would be huge improvement, however I doubt it can be done (easily) technically..

HOSTEDPOWER
Junior Member
Posts: 3
Joined: 26 Mar 2018, 21:59

Re: LFD should recognize a non-malicious repeat login failure...

Post by HOSTEDPOWER »

If this could be detected properly somehow that would be huge improvement, however I doubt it can be done (easily) technically..

Post Reply