Hi guys,
I want to use DI to prevent brute-force attack on http and https. but according to this documentation:
http://www.juniper.net/techpubs/software/screenos/screenos6.2.0/ce_v4.pdf (page 152)
HTTPS is not supported. Is there a workaround for this?
My output of get attack HIGH:HTTP:ANOM is showing me:
device-> get attack HIGH:HTTP:ANOM
GROUP "HIGH:HTTP:ANOM" is pre-defined. It has the following members
ID Name Type Defined
1050287 HTTP:OVERFLOW:HEADER anomaly pre-defined
1050289 HTTP:OVERFLOW:INV-CHUNK-LEN anomaly pre-defined
1050290 HTTP:OVERFLOW:CHUNK-OVERFLOW anomaly pre-defined
1050291 HTTP:OVERFLOW:CONTENT-OVERFLOW anomaly pre-defined
1050292 HTTP:OVERFLOW:URL-OVERFLOW anomaly pre-defined
1050250 HTTP:INVALID:INVLD-AUTH-CHAR anomaly pre-defined
1050251 HTTP:INVALID:INVLD-AUTH-LEN anomaly pre-defined
1053971 HTTP:EXPLOIT:BRUTE-SEARCH anomaly pre-defined
So i dont see TTP:EXPLOIT:BRUTE-FORCE as i see in page ( 152)
I assume HTTP:EXPLOIT:BRUTE-SEARCH is not the same as (HTTP Brute Force Login Attemp) failed_logins/ HTTP:EXPLOIT:BRUTE-FORCE
Will this work?
Thx in advance