Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Dictionary attack

Hai,

We are using Pix 515E with 6.3(4) operating system. We are seeing lot of dictionary attacks on our servers which are having live IP's. Is it possible to stop dictionary attack using the PIX.

Also is there a way to block the user name and password if certain number of login attempts fail.

I am looking for a solution using the existing PIX. Pl advise.

Thanks in advance.

Regards,

Raghavan.

1 REPLY
New Member

Re: Dictionary attack

Not really much you can on the PIX. You will most likely need to harden the host SSH authentication (maybe deny after 3 failed attempts for each connection) and perhaps use IPS to detect the failed login attempts. If you can filter on source IP address for authorized SSH access from the Internet that will cut down on a lot of the SSH attempts.

173
Views
4
Helpful
1
Replies
CreatePlease to create content