How to protect ejabberd from bruteforce attacks?

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Posted by Sergey on Server Fault See other posts from Server Fault or by Sergey
Published on 2012-03-14T17:37:47Z Indexed on 2012/10/15 15:40 UTC
Read the original article Hit count: 423

Filed under:
|
|

It writes this in logs:

=INFO REPORT==== 2012-03-14 17:48:54 ===
I(<0.467.0>:ejabberd_listener:281) : (#Port<0.4384>) Accepted connection {{10,254,239,2},51986} -> {{10,254,239,1},5222}

=INFO REPORT==== 2012-03-14 17:48:54 ===
I(<0.1308.0>:ejabberd_c2s:784) : ({socket_state,tls,{tlssock,#Port<0.4384>,#Port<0.4386>},<0.1307.0>}) Failed authentication for USERNAME

=INFO REPORT==== 2012-03-14 17:48:54 ===
I(<0.1308.0>:ejabberd_c2s:649) : ({socket_state,tls,{tlssock,#Port<0.4384>,#Port<0.4386>},<0.1307.0>}) Failed authentication for USERNAME

It doesn't write IP with a failure.
And strings "Accepted connection" and "Failed auth.." may even not stand nearby (as I think on heavily loaded servers) to be able to use fail2ban.
What to do? And how jabber servers (using ejabberd) are protected?

© Server Fault or respective owner

facebook twitter digg google delicious technorati stumbleupon myspace wordpress linkedin gmail igoogle windows live tumblr viadeo yahoo buzz yahoo mail yahoo bookmarks favorites email print

Related posts about brute-force-attacks

Related posts about ejabberd

Categories cloud

.NET ASP.NET iphone linux python Windows mysql android sql windows-7 html c ruby-on-rails css objective-c ubuntu networking sql-server wpf asp.net-mvc ruby database Xml apache AJAX osx security regex django Performance 12.04 windows-xp mac web-development iphone-sdk vb.net Silverlight apache2 flash server perl best-practices email installation eclipse visual-studio algorithm windows-server-2008 winforms wcf firefox bash dns /Oracle