Comments

• Your close as stated above don't want to give the answer out loud incase of wondering eyes. The test I tried yesterday up to this point has stopped all attempts because of "domain" visibility that is the key. If you go through your SMA you will figuer it out. I can't say they aren't trying they just aren't getting any…

  in Is anyone getting hammered by password spray attacks recently? Comment by mwatson536 April 7
• Thanks for the info I was able to decipher what you were talking about at least with the domains. Testing now. Cheers

  in Is anyone getting hammered by password spray attacks recently? Comment by mwatson536 April 6
• So you worked out a way to slow or stop these on the fly? Would love to know how without having to take the time to deal with support as I am a 1 man show here. But I understand you reasoning. Cheers

  in Is anyone getting hammered by password spray attacks recently? Comment by mwatson536 April 3
• Totally agree, it seems like a no brainer to me.

  in Is anyone getting hammered by password spray attacks recently? Comment by mwatson536 March 27
• One saving grace for us is we require 2FA for VPN use so we at least have that extra layer. We are seeing the attacks between midnight and 5AM from what I have gathered from the logs. We do use Geo/IP filters from the NSA which is catching a a lot I also reduced the amount of connections in the firewall rule for the SMA…

  in Is anyone getting hammered by password spray attacks recently? Comment by mwatson536 March 26
• Yes we are seeing a huge amount of invalid user logins on our SMA since last week. They are like 1 every second there has got to be a way to stop this.

  in Is anyone getting hammered by password spray attacks recently? Comment by mwatson536 March 26