4. Logs for Addresses Using and Interface?

Logs for Addresses Using and Interface?

  • J

    Hi all - I'm sorry if this question is either painful or done to death; I'm a bit green/n00bly when it comes to all this.

    Have a (inherited I should say) pfsense firewall, which passes traffic to a Varnish web cache server, which serves our website.

    Recently we've been getting some password brute-force attempts at the website itself, and I'd like to know the IP address they originate from so I can block it.

    Is this easily enough determined this from pfsense somehow?

    Thanks for any and all replies!

    :)

    0

  • @JRA:

    Recently we've been getting some password brute-force attempts at the website itself, and I'd like to know the IP address they originate from so I can block it.

    Ask the 'varnish' admin, or even better : the web server admin. These have extended logs (normally) and they will show you the IP of the offending clients.
    If you use the "good old web server setup" then blocking becomes easily.

    0
Log in to reply
 

Products

Services

Support

News

Resources

Company

Our Mission

We provide leading-edge network security at a fair price - regardless of organizational size or network sophistication. We believe that an open-source security model offers disruptive pricing along with the agility required to quickly address emerging threats.

Subscribe to our Newsletter

Product information, software announcements, and special offers. See our newsletter archive for past announcements.

© Copyright 2002 - 2019 Rubicon Communications, LLC | Privacy Policy