LFD should recognize a non-malicious repeat login failure...

3 posts Page 1 of 1
biadmin
Junior Member
Posts: 6
Joined: 21 Feb 2018, 23:13


Hi,
I had an issue with the firewall blocking a client who's password was changed and her phone kept trying to login triggering the bad login attempts. Since the firewall on the server changed, it took me a while to figure out that is what was happening.

I think the firewall should not have blocked her IP over the cell phone issue. If making a brute force attack, one would not use the same password over and over, so if the requests are not coming in fast enough to constitute a DOS attack, it should be recognized as not a malicious login failure,

I realize this would require the logging of the password being used, but distinguishing this situation seems like a worthy thing to do.

Am I mistaken?
HOSTEDPOWER
Junior Member
Posts: 3
Joined: 26 Mar 2018, 21:59


If this could be detected properly somehow that would be huge improvement, however I doubt it can be done (easily) technically..
HOSTEDPOWER
Junior Member
Posts: 3
Joined: 26 Mar 2018, 21:59


If this could be detected properly somehow that would be huge improvement, however I doubt it can be done (easily) technically..
3 posts Page 1 of 1