Microsoft Exchange login attempts and IPS

Unanswered Question
May 23rd, 2008

I have clients running Exchange Server 2003. More than one of them are plagued by (presumably) scripted attempts to log in to their SMTP server, using a long list of common American names.

Please forgive what is undoubtedly a basic question--but can the IPS features in the Cisco PIX 501 be used to fend off an attack like this? And if so, can you point me in the right direction for configuring this feature?

Thanks much,

Zac Mutrux

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
suschoud Mon, 05/26/2008 - 11:20


unfortunately,the ids feature in pix is not advanced enough to locate such attacks.

I would suggest aip-ssm module in asa's or a dedicated ids/ips box to take care of millions of attacks and vulnerabilities ot there.



Cisco TAC.

zacmutrux Mon, 05/26/2008 - 11:43

Well that's too bad, but thanks for your reply just the same.



This Discussion