Softex Hosting and Email Services

12 Nov 2014, 13:46

Understanding what is Brute Force Protection with Softex !!

Untitled

Greetings,
A Common practice for Hackers looking to hack into different organizations websites and email accounts is about using a systematic try and error approach to try and figure out (Guess) the user password. In such scenarios, the hacker writes a small application that start trying different characters for the password. for example if the hacker wants to hack the email: someone@gmail.com , it will start trying to log into the mentioned email and try the following password : "aaaa" , "aaab", "aaac" , "aaad" and then "baaa" , "baab", "baac" , etc.

through this approach which is called "Brute force attack" , the hacker eventually will take a long time but will be able to break through and find the right password for such email. The question is how do we at "Softex" Helps our customers from such types of attacks. In face we have a brute Force Protection mechanism on all of our servers that work as following :
When anybody is logging on Softex Server with more than 25 wrong passwords from the Same IP within a short time, Our Servers automatically blocks this IP for 30 minutes. during this 30 minutes if the hacker keeps trying and guessed the password correctly , the system will not let him in. If he still tries wrong passwords, Softex Servers will automatically block him with more penalties (another 30 minutes with each 20 wrong passwords he tries).

This is how we protect our customers against Brute Force Attacks , but sometimes such mechanism fires back at us , how is this possible ??? we will let you know how below 

imaging that a company having 10 computers having different email boxes on the same domain hosted with Softex, since they are all working on the same office Network , they are all sharing the Same IP while accessing the internet and their emails accounts. Imagine that one of these users had his email password changed for some reason but he did not know about it , he will keep trying to log into his email with the wrong credentials via Outlook for more than 25 times before calling the IT Guy. Our Brute Force Protection mechanism will kick in and will block this IP since it is seen as potential threat, at this point all of the users in the same company (Sharing the same office IP) will suddenly stop working and all of them will get wrong email passwords message.

This can be diagnosed and solved easily by any of the following means:

1. First of all you must make sure your company is facing a Brute force Issue, best way to test is try to access your email box via Mobile Connection (You must not use the Office WIFI network since it is already black list), you need to test your email box access with another 3G internet connection. if it works , then you have fallen in a brute force connection.

2. The good thing about Brute force connection is that if you changed your network IP , everybody will work back without problems , so you can try restarting your internet Modem (Router) to make sure your network takes a new outside IP Range and then the server will let you in with the new IP without problems.

3. If step #2 did not work well, you can either choose to call us via phone and advise us about the situation , once you advised us , within 30 minutes our Server admins will log into the server and force clearing of the Brute force and make your IP History Clean , once done, everything should be working back normally.



But Beware :
if you have still having the same issue of one of your team trying to log in with wrong credentials to his email box, he might get you blocked again within a few minutes. So you need to make sure everybody is using their latest email passwords, if you do not know them , you can ask us to change the passwords for the Email boxes you need and we will do it for you. Thus making sure you are accessing your email boxes without problems.


For More information about Softex Hosting plans, please make sure to check our website :
http://www.softexsw.com/en/hosting-services

in Case you need support or needs to ask us about any information regarding Similar situations, please find our contact details below:
http://www.softexsw.com/en/contact


Below a Small screenshot about how our System manages and Tracks the failed Login attempts (just to make sure we are protecting you at the best of our abilities)

Enjoy the view