This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Brute Force Attack

I’ve just checked my deleted items folder and I have loads of failed logins from the RED device from random public IP’s using different user names. This “seems” to point to someone trying to gain access to the RED device which could be pretty bad as it’s hooked up to a customer's live network.

Is there anything we can do to down the connection to the client whilst not in use and still have management access to RED?

This thread was automatically locked due to age.

Parents

0 BAlfson over 9 years ago

Hi, and welcome to the User BB!

loads of failed logins from the RED device from random public IP’s using different user names.

If you need more help than Scott gave above, show us an example of the message.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BAlfson over 9 years ago

Hi, and welcome to the User BB!

loads of failed logins from the RED device from random public IP’s using different user names.

If you need more help than Scott gave above, show us an example of the message.

Cheers - Bob

Sophos UTM Community Moderator
Sophos Certified Architect - UTM
Sophos Certified Engineer - XG
Gold Solution Partner since 2005

MediaSoft, Inc. USA
Cancel
Vote Up 0 Vote Down

Cancel

Children

No Data