Project

General

Profile

Brute-force security precautions for Tigase

Hamid Alimohammadi
Added over 4 years ago

Hi,

I have a question, I appreciate for any idea.

Provided that there is not any firewall/UTM available in a network; Is there any script or any other tool as IDS or IPS for Brute-force attack against XMPP port 5222?

Thank you in advance.


Replies (4)

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 4 years ago

There are lots of security precautions designed and implemented in the Tigase XMPP Server. All levers and stages of data processing in Tigase are designed with security in mind. Of course number of different possible attacks is huge, so if you need specifics, please give us a more specific question.

Added by Hamid Alimohammadi over 4 years ago

Thank you very much for reply,

Actually, our first concern is Brute-fore attack, to be more specific, we are worried that some one might try to get the Tigase Admin password with Brute-force attack.

As you mentioned security is very broad topic, I thought there might be a few links/scripts focused on XMPP/Tigase server.

Thank you Again,

Avatar?id=6023&size=32x32

Added by Artur Hefczyc TigaseTeam over 4 years ago

Actually, we have very effective protection from admin accounts attacks. What we normally do is, admin accounts are usually created in a separate domain. Then Tigase accepts connections for this domain only on a specified TCP/IP port. Then you can restrict access to this port on your proxy on firewall only for selected range of IPs. This effectively protects your admin accounts.

Added by Hamid Alimohammadi over 4 years ago

Thank you for reply and support.

BR/Hamid A.

    (1-4/4)