Why Brute Force Protection is critical for Hosting Gurus?

02/03/2017

A Common practice for Hackers looking to hack into different organizations websites and email accounts is about using a systematic try and error approach to try and figure out (Guess) the user password. In such scenarios, the hacker writes a small application that start trying different characters for the password. for example if the hacker wants to hack the email: someone@gmail.com , it will start trying to log into the mentioned email and try the following password : "aaaa" , "aaab", "aaac" , "aaad" and then "baaa" , "baab", "baac" , etc.

Through this approach which is called "Brute force attack" , the hacker eventually will take a long time but will be able to break through and find the right password for such email. The question is how do we at "Softex" Helps our customers from such types of attacks. In face we have a brute Force Protection mechanism on all of our servers that work as following :
When anybody is logging on Softex Server with more than 25 wrong passwords from the Same IP within a short time, Our Servers automatically blocks this IP for 30 minutes. during this 30 minutes if the hacker keeps trying and guessed the password correctly , the system will not let him in. If he still tries wrong passwords, Softex Servers will automatically block him with more penalties (another 30 minutes with each 20 wrong passwords he tries).
This is how we protect our customers against Brute Force Attacks , but sometimes such mechanism fires back at us , how is this possible ???

We will let you know how below.

Imagine a company having 10 users having different email boxes on the same domain hosted with Softex, since they are all working on thesameofficeNetwork , they are all sharing the Same IP while accessing the internet and their emails accounts. Imagine that one of these users had his email password changed for some reason but he did notknowaboutit , he will keep trying to log into his email with the wrong credentials via Outlook for more than 25 times before calling the IT Guy. Our Brute Force Protection mechanism will kick in and will block this IP since it isseenaspotential threat, at this point all of the users in the same company (Sharing the same office IP) will suddenly stop working and all of them will get wrong email passwords message.
How we resolve it at Softex and how to resolve it in general is mentioned below since this article is a part of our article published on Softex Software House Web hosting Forums, you can read the full version here

 Finally, We would like you to visit Softex Website
and know more about Market Control Online


للمزيد من المعلومات