tor 2006-05-18 klockan 15:08 +0200 skrev alberto.avi@gmail.com:
> In fact, I think that my Squid 2.5.STABLE10 system is open to brute
> force password attack.
> In this situation in the access.log I see "TCP_DENIED/407" error
> messages but I don't know who is the user under attack.
> I'd like to know the userid under attack to suspend it at LDAP level.
Hmm.. the username should be there if it was an authentication request
and not just an unauthenticated request. Verifying. Yes it is. Failed
logins indicate the user name. Request without any login information
don't..
Regards
Henrik
This archive was generated by hypermail pre-2.1.9 : Thu Jun 01 2006 - 12:00:02 MDT