Jake Vickers wrote:
On 04/09/2010 05:26 PM, Eric Shubert wrote:
Jake Vickers wrote:
On 04/09/2010 11:25 AM, madmac wrote:
Is there then a way to secure squirrelmail, or any other webmail prog.
This is a default install of qmail with the ISO.
Not having it is not an option, as most of the clients can only use
webmail as they are on the road daily.
Thanks
I use fail2ban to monitor for brute-force attacks. Works on pop3 as
well.
fail2ban is good for brute-force attacks all right, but useless if a
password is sniffed. Best to be sure that no passwords travel the
internet in the clear.
True - I run everything using SSL myself.
I normally do not see too many passwords sniffed. I can provide gigs
worth of logs of brute force attempts. ;)
Yeah, I've only seen pw sniffed once.
Lots of "script kiddies" out there though. I shut off pop3 entirely, and
users use pop3-ssl. Haven't noticed any brute-force attacks on IMAP, or
SMTP for that matter (doesn't mean there haven't been any though).
--
-Eric 'shubes'
---------------------------------------------------------------------------------
Qmailtoaster is sponsored by Vickers Consulting Group
(www.vickersconsulting.com)
Vickers Consulting Group offers Qmailtoaster support and installations.
If you need professional help with your setup, contact them today!
---------------------------------------------------------------------------------
Please visit qmailtoaster.com for the latest news, updates, and packages.
To unsubscribe, e-mail: qmailtoaster-list-unsubscr...@qmailtoaster.com
For additional commands, e-mail: qmailtoaster-list-h...@qmailtoaster.com
