Help
Technical Forum
Ask questions. Discover Answers.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Technical Forum Quicklinks: No Replies | Active-Not Solved | Recent Solutions
Custom Alert Banner

F5 AppWorld 2024 session proposal deadline extended to Friday, December 8th!

Brute force Outlook mail

Sanal_Babu
Nimbostratus
Nimbostratus

‎20-Mar-2019 13:12

We have brute force enabled for exchange login url and few users who has multiple mail accounts configured in single device are getting blocked with "Brute Force: Maximum login attempts are exceeded ". As per my understanding ASM Brute force is only looking for failed login attempts against the configured URL. But user account is valid and using right credentials. How F5 is tracking it as failed logins?

 

BF settings

 

Detection Period 60 Minutes Maximum Prevention Duration 60 Minutes Username Trigger: After 10 failed login attempts Action: Alarm and Captcha

 

User who have 3 mail boxes configured in a single device is having trouble since the connection initiating from a single IP address.

 

Any thoughts ?

 

Labels:
0 Kudos
1 REPLY 1

yuova
Nimbostratus
Nimbostratus

‎26-Jan-2023 02:26

hello ,

can you please share the configuration it doesn't work to me for owa .

i put the authentication login as " [ HTTPS] POST /owa/auth.owa "

0 Kudos
Copyright © 2023 Khoros, LLC