POP3 Brute-Force Protection
POP3 Protection Overview
RdpGuard protects your POP3 server from brute-force attacks.
It works with POP3 ports or logs on your server to detect and blocks attacker's IP addresses when the number of failed login attempts from the single IP address reaches a set limit.
Check the instructions below to learn how to enable and configure POP3 protection.
To Enable and Configure POP3 Protection
Start RdpGuard Dashboard and click on the link next to POP3
POP3 Protection Link in RdpGuard Dashboard
POP3 Settings dialog will open:
POP3 Detection Engine Settings
Monitoring method for POP3 protocol
The following monitoring methods are supported for POP3 protocol:
- Traffic based monitoring
- Log based monitoring
Traffic based monitoring works with any POP3 servers, SSL/TLS connections are not supported.
Log based monitoring works with particular POP3 server's logs. SSL/TLS connections are supported.
Traffic based monitoring
The following traffic based monitoring methods are supported
- Raw Sockets - Does not work on Windows Server 2008 or with firewalls.
- WinPcap - Works on all Windows Editions, WinPcap must be installed.
You may specify multiple comma-separated ports for POP3 traffic monitoring.
Log based monitoring
Log based POP3 Monitoring
The following POP3 servers are supported for now:
- Kerio Connect
Log files directory
Specify log files directory used by selected POP3 server.