10 Oct
2008
10 Oct
'08
8:35 p.m.
On Fri, Oct 10, 2008 at 06:02:51PM +0100, Lu�s Miguel Silva wrote:
We are suffering a lot of attacks against our webmail servers and would like to use this to try and trigger an alarm against brute force connections.
syslog-ng is a great program, but it's not a IDS or IPS. try swatch, fail2ban, simple event correlator, snort, or some other program that is designed to work in the event monitor / trigger action space.