[Info-vax] intrusion detection
koehler at spock.koehler.athome.net
koehler at spock.koehler.athome.net
Sun Mar 22 12:57:36 EDT 2009
In article <49ba3625$0$6682$703f8584 at textnews.kpn.nl>, joukj <joukj at hrem.nano.tudelft.nl> writes:
>
> The attack seems to come from one Ip-adress using different usernames to
> get access to the pop-server. Should the detection system not block
> the whole access from this host and not per user? As it is configured
> now they can keep trying to get in (and waist bandwith because the will
> not succeed)
VMS does not like to block a legitimate user just beause someone
else is misbehaving. Most likely the bandwidth would not change
appreciably if only the VMS system itself is doing evasion.
More information about the Info-vax
mailing list