#infosec Do bruteforce attacks really exist ?

The other day I sat down and just looked at various statistics on how the visitors ended up here in terms of referrers and keyword searches and one of the terms was “do bruteforce attacks really exist ?”.

This made me smile.

Syspeace has so far blocked over 2.77 Million bruteforce attacks against #windowsserver #msexhange #Sharepoint #remotedesktop #Citrix and #SQLServer worldwide so I dare say they really do exist and they’re very common.

We’ve also published a 30 day list of the most commonly attacked and attacking countries as reported by Syspeace installations around the world. It might be interesting read for you and it can be found here, Syspeace worldwide security staus center.

One of the features of Syspeace is for instance the Syspeace Global Blacklist that is distributed automatically to all Syspeace installations.
If an attacker has been deemed to have attacked X number of different Syspeace customers and Y number of times, it will be automatically put in the GBL and distributed to all other Syspeace installations, making them preemtively blocking the attacking IP address from ANY communicating with their servers that have Syspeace installed.

Any #Cloud service provider or any #outsourcing or #service provider or also any IT techs at a company knows there are hundreds and thousands of intrusion attacks every month but historically these attacks, also called dictionar attacks , have been very hard to deal with so in essence, they’ve given up. Some providers or companies actually don’t even bother turning on logging on the servers, simply turning a blind eye to the actual problem. From an operational point of view, security point of view and from the customers point of view this is of course not acceptable.

There are some previous posts on why it’s been so difficult on this blog for instance this one, Why firewalls, vpns, account lockout policies  and other bruteforce prevention methods aren’t enough.

After we launched Syspeace , service providers, Cloud providers and companies have been given a new, cost efficient, easy to set up and easy to use countermeasure against hacking attempts.

No need to change your infrastructure, hire costly consultants and launch a big, costly project.
Simply download Syspeace trial , install it in a minute and your #remotedesktop #msexhange #Sharepoint #windowsserver is protected.
It couldn’t be easier and frankly, it should be the part of any #Windowsserver Baseline security just as you’ve got antivirus, backups, patch management in place.

Enable logging on your Windows server as described in the Syspeace manual and see for yourself if you’re targeted. You might be surprised.

By Juha Jurvanen – Senior IT Consultant @ JufCorp


Syspeace - intrusion prevention for Windows servers