Dictionary attack

Unanswered Question
Dec 28th, 2007


We are using Pix 515E with 6.3(4) operating system. We are seeing lot of dictionary attacks on our servers which are having live IP's. Is it possible to stop dictionary attack using the PIX.

Also is there a way to block the user name and password if certain number of login attempts fail.

I am looking for a solution using the existing PIX. Pl advise.

Thanks in advance.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (1 ratings)

Not really much you can on the PIX. You will most likely need to harden the host SSH authentication (maybe deny after 3 failed attempts for each connection) and perhaps use IPS to detect the failed login attempts. If you can filter on source IP address for authorized SSH access from the Internet that will cut down on a lot of the SSH attempts.


This Discussion