February 16, 2014 / by Johan / ids/ips, IT securiy, syspeace / 0 comments
In what scenarios Syspeace is useful for preventing brute force attacks? Do I need it if I’ve only got a Windows workstation? Syspeace is an intrusion prevention software mainly targeted for Windows Servers, SBS Server, RDS TS Servers, RDWeb, Sharepoint Servers, SQL Server, Exchange, Sharepoint, Citrix and so on but it will also run on […]
Read more
Troubleshooting Syspeace
January 16, 2015 / by Johan / brute force, cloud security, ids/ips, syspeace / 0 comments
An interesting support case came to our attention recently. A customer claimed that Syspeace wouldn’t block according to the rules. The bruteforce attacks would continue , even after they should have been blocked. We checked the ususal culprits (verify that the .Net is fully patched, that the customer is running the latest Syspeace version, verify […]
Read more
Troubleshooting Syspeace and why source IP addresses aren’t always resolved by Windowsserver in eventid 4625
January 16, 2015 / by Johan / cloud security, ids/ips, Uncategorized / 0 comments
Syspeace monitors failed logins attempts on Windows systems Sometimes though, the event (Eventid 4625 or eventid 529 and a few other security events we monitor) doesn’t actually contain the source IP address thus leaving Syspeace with nothing to block. If there’s no IP address to block, it can’t be put into to the Windows Frewall […]
Read more
#infosec How to block an ongoing dictionary attack / brute force attack against Windows Servers, #MSexchange and more
October 7, 2014 / by Johan / cloud security, ids/ips, IT securiy, syspeace, windowsserver / 0 comments
How to block an intrusion attack against Windows Servers for free If your server or data center is targeted by a brute force attack a.k.a dictionary attacks , it might be hard to figure out how to quickly make it stop. If the attack is from a single IP address you’d probably block it in […]
Read more
How to battle slowgrind #bruteforce attacks against #msexchange #windows server #remotedesktop #sharepoint with #Syspeace
August 11, 2014 / by Johan / cloud security, ids/ips, syspeace / 0 comments
Syspeace automatically blocks attacks that occur according to the rules. The default rule is that if an intruder fails to login more than 5 times within 30 minutes, the intruders IP address is blocked, tracked and reported for 2 hours and simply is denied any access to the server. A new trend though has emerged […]
Read more
#infosec #cloudsecurity #Syspeace – Host Intrusion Prevention Software on an external #Windowsserver #VPS in the #Cloud #IaaS #PaaS
June 3, 2014 / by Johan / brute force, cloud security, ids/ips, syspeace / 0 comments
Syspeace – Host Intrusion Prevention Software on an external Windows Server VPS in the Cloud There are many variations of IaaS / PaaS / Cloud services. Some are public clouds and some are hybrids and some are private. There’s also the possibility rent an external VPS and use as a server at quite a few […]
Read more
#infosec #cloudsecurity #Syspeace – Host Intrusion Prevention Software on an external #Windowsserver #VPS in the #Cloud #IaaS #PaaS
June 3, 2014 / by Johan / brute force, cloud security, ids/ips, syspeace / 0 comments
Syspeace – Host Intrusion Prevention Software on an external Windows Server VPS in the Cloud There are many variations of IaaS / PaaS / Cloud services. Some are public clouds and some are hybrids and some are private. There’s also the possibility rent an external VPS and use as a server at quite a few […]
Read more
#Infosec When and where is Syspeace useful for intrusion prevention ?
February 16, 2014 / by Johan / ids/ips, IT securiy, syspeace / 0 comments
In what scenarios Syspeace is useful for preventing brute force attacks? Do I need it if I’ve only got a Windows workstation? Syspeace is an intrusion prevention software mainly targeted for Windows Servers, SBS Server, RDS TS Servers, RDWeb, Sharepoint Servers, SQL Server, Exchange, Sharepoint, Citrix and so on but it will also run on […]
Read more
#infosec Securing your #WinServ and #MSExchange with an acceptable baseline security
February 16, 2014 / by Johan / cloud security, infosec, IT securiy, syspeace, windowsserver / 0 comments
Securing your Windows Server with a baseline security In short, to have an acceptable baseline security for any Windows server you need to think all of the things below in this list. Sadly enough, even if you follow all of these steps, you’re still not secured forever and ever. There’s no such thing as absolute […]
Read more
A walkthrough of getting #Syspeace licenses and how it works
November 27, 2013 / by Johan / cloud security, ids/ips, syspeace / 0 comments
Getting #Syspeace licenses and how it works. From time to time we get an email from customers that have bought their Syspeace licenses and they ask for the license key that they expect to get in an email. Here’s a walkthrough of how #Syspeace licensing actually works. First you install a #Syspeace trial, register a […]
Read more
Syspeace for internal brute force protection on Windows Servers
September 25, 2013 / by Johan / brute force, cloud security, ids/ips, infosec, windowsserver / 0 comments
After installing Syspeace , the tech guys started getting notifications that their Exchange Server was trying to login to another server and it was rejected. There was no reason for this server to do so whatsoever and it had not been noticed earlier so it’s hard to say when it actually started. After disabling the […]
Read more