Web lists-archives.com

Re: [Samba] check accounts for known bad passwords




Hi,

Yes it seems we are interesting.

Following your advise, I have just started blocking whole countries, based on info found here:

https://www.iplocation.net/

(started with china, and now also Venezuela, the Korea's Sudan, Indonesie and India.

That seems to help astonishingly good, thanks!

MJ

On 07/20/2017 04:19 PM, L.P.H. van Belle via samba wrote:
Hai M-J.

Still under attack..,,

A better thing maybe if possible for you..
Restrict imap/pop ports to only allow ips from netherlands through your firewall.

Now, if they are comming from within you own country, which makes it much more easy for legal steps.

Do you have one attacker ip for me, i'll do some checks.

And i found this:
https://www.mylinuxplace.com/samba-password-complexity-check/
Just dont know if that wil work for you, you have to try it out.


Greetz,

Louis


-----Oorspronkelijk bericht-----
Van: samba [mailto:samba-bounces@xxxxxxxxxxxxxxx] Namens mj via samba
Verzonden: donderdag 20 juli 2017 15:52
Aan: samba
Onderwerp: [Samba] check accounts for known bad passwords

Hi,

Des anyone know if a script of some sort or way to check my
samba accounts for known bad passwords, such as "123321",
"1q2w3e", and such?

We are currently the target by a botnet, trying out those
easy passwords on our imap server. While many (all?) of our
users have good complex paswords, I am not 100% sure about
*all* of them. If possible I'd like to disable their
accounts, in the case of such bad passwords.

It would be good if such a snippet would bypass the
bad_password_count policies, etc, so that I could scan
accounts without them becoming locked due to too many failed
passwords.

Anyone with an idea how to do this?

MJ

--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba




--
To unsubscribe from this list go to the following URL and read the
instructions:  https://lists.samba.org/mailman/options/samba