1 Reply Latest reply on Jul 10, 2012 11:40 AM by Intruvert

    Brute force Threshold ?

      Hi,

       

      query regarding the Brute Force  threshold,

       

      snort and ips generic rule  has  the threshold for the bruteforce signature is  5 failed loging with 60 Seconds, what i have face the situation that this pattern of threshold is flooding so much of noise,

       

      The question opens to all What will be the threshold for the signature like >>> SSH: SSH Login Bruteforce Detected 

       

       

      Thanks