New Feature: Imunify360 blocks server ports under attack

new-im-feature

We are happy to announce a new feature for Imunify360.

Active Response is an OSSEC feature re-engineered by us to block specific server ports under attack.

This gives us significantly fewer false positives, and improves the detection and blocking of aggressive brute force requests. It's only available for Imunify360 version 4.0, currently in beta and due for release before the end of March 2019.

 To activate Active Response, follow these steps.

1. Edit the configuration file: /etc/sysconfig/imunify360/imunify360.config

2. Add the these lines to it:

OSSEC:
    active_response: true

3. Restart the Imunify360 agent:

service imunify360 restart


That's it. Now, Imunify360 will detect sustained attacks on any ports, blocking only those specifically being targeted. You can read more about in our technical documentation.

If you have any feedback on this or any other features, please This email address is being protected from spambots. You need JavaScript enabled to view it..

[Threat Intelligence Report] Remote Code Execution...
Imunify360 V4.0—New Features Preview
 

Comments

No comments made yet. Be the first to submit a comment
Already Registered? Login Here
Guest
Wednesday, 20 March 2019

Captcha Image