>>> I've been playing around with the "login_max_processes_count" option in
>>> dovecot.conf, and while it seems to work great preventing issues when
>>> there is a dictionary-attack against POP3, it obviously had no effect on
>>> a recent FTP dictionary-attack... pwdb still flaked out, and you would
>>> have to log in with root (since root is in shadow vs pwdb) to manually
>>> fix or wait for sometime after the attack has stopped (time enough for
>>> db_recover to do its thing).
>> As far as FTP and SSH dictionary attacks, it is easy to prevent them.
>> #1. install the apf firewall
>> #2. install the bfd brute force detection
I'm of the same view that dictionary attacks should not affect any
system that has a proper firewall. I just use an iptables recipe that I
came up with on all my machines and have never had a single problem with
the issues discussed here!
Why can't we install a proper firewall with BQ? We already set up
iptables as a packet counter so it wouldn't be any more work than
updating a few files... although I guess we would need to build a GUI
Just my 0.02 GBP