tor 2006-05-18 klockan 15:08 +0200 skrev [EMAIL PROTECTED]: > In fact, I think that my Squid 2.5.STABLE10 system is open to brute > force password attack. > In this situation in the access.log I see "TCP_DENIED/407" error > messages but I don't know who is the user under attack. > I'd like to know the userid under attack to suspend it at LDAP level.
Hmm.. the username should be there if it was an authentication request and not just an unauthenticated request. Verifying. Yes it is. Failed logins indicate the user name. Request without any login information don't.. Regards Henrik
signature.asc
Description: Detta är en digitalt signerad meddelandedel
