IDS settings for Rules
Question asked by Martin Schaible - 8/6/2021 at 4:30 AM

I  like to overhaul my IDS Rules. After analyzing the logs, the are not so effective as i thought.
Like any other mail server, also the SMTP login attacks are the most seen attack. A lot of attackers are not in a hurry, they try to login easy and relaxed every 90 or 120 seconds to avoid waking up the IDS.

How are your settings for eg. SMTP for "Denial of Service" and "Password Brute Force"?


Reply to Thread