https://community.cisco.com/t5/network-security/cisco-asa-ips-vs-bruteforce/m-p/1657444#M56576 <P>Who can help me, I need device that will block bruteforce attack to our webmail servers, 5 wrong password input = block for 10 min, for example.</P><P>Can I use for this Cisco ASA IPS?</P> Sun, 10 Mar 2019 12:25:29 GMT kostyacroc 2019-03-10T12:25:29Z https://community.cisco.com/t5/network-security/cisco-asa-ips-vs-bruteforce/m-p/1657444#M56576 <P>Who can help me, I need device that will block bruteforce attack to our webmail servers, 5 wrong password input = block for 10 min, for example.</P><P>Can I use for this Cisco ASA IPS?</P> Sun, 10 Mar 2019 12:25:29 GMT https://community.cisco.com/t5/network-security/cisco-asa-ips-vs-bruteforce/m-p/1657444#M56576 kostyacroc 2019-03-10T12:25:29Z https://community.cisco.com/t5/network-security/cisco-asa-ips-vs-bruteforce/m-p/1657445#M56577 <HTML><HEAD></HEAD><BODY><P>Depending on how your specific webmail server works, perhaps you could use/tune:</P><P></P><UL><LI>SIG 6256.0 (HTTP Authorization Failure)</LI></UL><P>-or-</P><UL><LI>SIG 20020.0 (HTTP Authentication Brute Force Attempt)</LI></UL><P></P><P>Or, create a custom signature based off of one of the above.</P></BODY></HTML> Fri, 22 Jul 2011 19:32:05 GMT https://community.cisco.com/t5/network-security/cisco-asa-ips-vs-bruteforce/m-p/1657445#M56577 Dustin Ralich 2011-07-22T19:32:05Z