Hi, I run a minor website http://socct.org, unfortunately the acronym 
coincides with https://www.wikileaks.org/wiki/SOCCT_(military).  For the 
last two days the site is taking a multiple site brute force attacks. Apart 
from changing our name, any suggestions?  I have added an extension rule to 
rule 31510 so that if I get multiple 31510 alerts in short period from the 
same ip I block for longer which stopped getting alerts every ten minutes.

Thanks

-- 

--- 
You received this message because you are subscribed to the Google Groups 
"ossec-list" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to ossec-list+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to