[Samba] check accounts for known bad passwords

L.P.H. van Belle belle at bazuin.nl
Thu Jul 20 14:19:07 UTC 2017

Hai M-J. 

Still under attack..,, 

A better thing maybe if possible for you.. 
Restrict imap/pop ports to only allow ips from netherlands through your firewall. 

Now, if they are comming from within you own country, which makes it much more easy for legal steps. 

Do you have one attacker ip for me, i'll do some checks. 

And i found this: 
Just dont know if that wil work for you, you have to try it out. 



> -----Oorspronkelijk bericht-----
> Van: samba [mailto:samba-bounces at lists.samba.org] Namens mj via samba
> Verzonden: donderdag 20 juli 2017 15:52
> Aan: samba
> Onderwerp: [Samba] check accounts for known bad passwords
> Hi,
> Des anyone know if a script of some sort or way to check my 
> samba accounts for known bad passwords, such as "123321", 
> "1q2w3e", and such?
> We are currently the target by a botnet, trying out those 
> easy passwords on our imap server. While many (all?) of our 
> users have good complex paswords, I am not 100% sure about 
> *all* of them. If possible I'd like to disable their 
> accounts, in the case of such bad passwords.
> It would be good if such a snippet would bypass the 
> bad_password_count policies, etc, so that I could scan 
> accounts without them becoming locked due to too many failed 
> passwords.
> Anyone with an idea how to do this?
> MJ
> --
> To unsubscribe from this list go to the following URL and read the
> instructions:  https://lists.samba.org/mailman/options/samba

More information about the samba mailing list