Intrusion Prevention

LDAP.Login.Brute.Force

Description

This indicates multiple LDAP logon attempts occurring within a short period of time.
This may indicate that an attacker is attempting a brute force attack on a LDAP system (about 500 times in 5 seconds).

Affected Products

All LDAP servers

Impact

Impact of a successful attack could vary, with the worse case being a system compromise.

Recommended Actions

Adjust the threshold to your network.
Monitor the traffic from that network for any suspicious activity.