Important note about SSL VPN compatibility for 20.0 MR1 with EoL SFOS versions and UTM9 OS. Learn more in the release notes.

How to create a sample rule for password spraying attacks

Since today we have been experiencing massive password spraying attacks on many Sophos firewalls, especially on the VPN portal, which listens to port 443. Apparently these are attacks from Russia with the IP 92.53.65.166.

How can I create a rule to prevent this? I would be glad if you could help me with an example.

I would be very happy if you could explain with a screenshot.



Added TAGs
[edited by: Raphael Alganes at 11:56 PM (GMT -7) on 8 Sep 2024]
Parents
  • Within "administration / device access / Local service ACL exception rule" you can allow only the needed countries for portal access ... or block russia.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Reply
  • Within "administration / device access / Local service ACL exception rule" you can allow only the needed countries for portal access ... or block russia.


    Dirk

    Systema Gesellschaft für angewandte Datentechnik mbH  // Sophos Platinum Partner
    Sophos Solution Partner since 2003
    If a post solves your question, click the 'Verify Answer' link at this post.

Children
No Data