Exchange attack about

sonkam · May 25, 2024, 7:43pm

Hello, we are using exchange 2019 cu14 but
It does not prevent crowdsec exchange smtp receive attacks, especially after cu14 has passed.

Has there been a change regarding this? We have installed crowdsec v1.6.1 now, but the situation is the same.

Error logs are as follows and account accounts are locked due to these attacks.

event id: 1035
Inbound authentication failed with error LogonDenied for Receive connector Client Frontend.

Can I ask for your support and information?

SassySiren · June 24, 2024, 12:36pm

Hello there

It is important to confirm if microsoft and crowdsec have issued any updates and fixes lately that may resolve technical problems and holes in security.
Also, you may be able to reduce these risks by going over the setup of your receive connectors and making sure they follow set safety rules.

Topic		Replies	Views
Postfix scenrios - SASL LOGIN authentication failed crowdsec	6	1114	May 8, 2024
Adding new smtp parser for failed logins crowdsec	1	780	June 21, 2022
Nginx: failed basic auth attempts aren't banned crowdsec	9	1556	January 13, 2022
Tainted collection-scenario for custom setting crowdsec	3	1138	September 7, 2022
New to crowdsec, looking for anti basic-auth bruteforce crowdsec	5	804	March 22, 2021

Exchange attack about

Related Topics