Quote:
Originally posted by AnnihilaT
That could be bruteforced just as well. The best thing (and what i do) is to install software that monitors the incoming http requests and if too many requests are made in $x amount of seconds then the ip gets firewalled out.
|
You can set the software to change the proxy after trying 5 user/pass combination. The zip i downloaded has more than 1500 proxies. So, blocking ip would not work.
Quote:
Originally posted by AnnihilaT
The other thing is to monitor your access logs and have software that watches for simultaneous access from different IP's with the same username and then kills that account or notifies you by email or mobile text message.
|
This would work if the cracked password is posted on a website.