Unable to block the ip who is trying to brute force #20166
sandraimmaculate
started this conversation in
General
Replies: 2 comments
-
what O/S is the machine being brute forced? |
Beta Was this translation helpful? Give feedback.
0 replies
-
Ubuntu
…On Wed, Dec 6, 2023, 1:13 AM sellarsj ***@***.***> wrote:
what O/S is the machine being brute forced?
—
Reply to this email directly, view it on GitHub
<#20166 (comment)>,
or unsubscribe
<https://github.com/notifications/unsubscribe-auth/BBQQ5XWXKLILBL46A44N7Q3YH52PVAVCNFSM6AAAAAA7FWYM36VHI2DSMVQWIX3LMV43SRDJONRXK43TNFXW4Q3PNVWWK3TUHM3TONRYGM3DS>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Hi, https://documentation.wazuh.com/current/user-manual/capabilities/active-response/ar-use-cases/blocking-ssh-brute-force.html i followed correctly what is mentioned there is the official documentation but even though the attacker ip is not getting blocked. i have created a custom rule also for that
and added the rule id in ossec.conf file
Even though the IP address is not blocked,
Is there any extra configuration we have to do?
So please reply! and help me to solve this!
Beta Was this translation helpful? Give feedback.
All reactions