Options/Customize

Using Dynamic Screening, MDaemon can track the behavior of incoming connections to identify suspicious activity and then respond accordingly. You can block an IP address (or range of addresses) from connecting when it fails authentication a specified number times within a specified amount of time. You can also freeze the accounts attempting to authenticate when they fail too many times too quickly. Also, when an IP address is blocked or an account is frozen, it is not permanent. The connecting IP address will be blocked for the number of minutes, hours, or days that you specify, and frozen accounts can be "thawed" automatically after a specified amount of time, or manually by the admin.

System Options

Enable Authentication Failure Tracking

When this option is enabled, the Dynamic Screening service will track authentication failures for the protocols designated on the Protocols tab and perform actions determined by the options on the Auth Failure Tracking tab. This option is enabled by default.

Enable Dynamic Screening Blacklist

This option turns on the Dynamic Screening service's ability to black list IP addresses and ranges. You can manage the blacklist from the Dynamic Blacklist tab. The blacklist option is on by default.

Enable Dynamic Screening Whitelist

This option turns on the Dynamic Screening service's Dynamic Whitelist feature, which you can use whitelist IP addresses and ranges, to exclude them from Dynamic Screening. The whitelist is on by default.

Logging Options

Log level

Dynamic Screening supports six levels of logging, from the highest to lowest amount of data logged:

Debug

This is the most extensive log level. Logs all available entries, and is typically only used when diagnosing a problem.

Info

Moderate logging. Logs general operations, warnings and errors.

Warning

Warnings, errors, critical errors, and startup/shutdown events are logged.

Error

Errors, critical errors, and startup/shutdown events are logged.

Critical

Critical errors and startup/shutdown event are logged.

None

Only startup and shutdown events are logged.

View/Analyze Log File

Click this button to open the Dynamic Screening log file in the MDaemon Advanced Log Viewer.

Log Auth Failure data at startup

This option enables the writing of all authentication failure data that is currently stored by Dynamic Screening to the log file at startup. This is disabled by default.

Log Blacklist data at startup

Enables the writing of all Dynamic Blacklist data that is currently stored to the log file at startup. This is disabled by default.

Log Whitelist data at startup

Enables the writing of all Dynamic Whitelist data that is currently stored to the log file at startup. This is disabled by default.

Log all whitelist hits

This option adds an entry to the Dynamic Screening log each time an inbound connection is from an address that is on the Dynamic Whitelist.

Log all blacklist hits

This option adds an entry to the Dynamic Screening log each time an inbound connection is from an address that is on the Dynamic Blacklist.

Log all trusted IP list hits

This option adds an entry to the Dynamic Screening log each time an inbound connection is from a Trusted IP address.

Log all Location Screen hits

This option adds an entry to the Dynamic Screening log each time an inbound connection is refused due to Location Screening.

Log all failed authentications

This option adds an entry to the Dynamic Screening log each time an inbound connection fails authentication.

Log all successful authentications

Enable this option if you wish to log every incoming authentication attempt that succeeds. This is disabled by default.

Log all connections allowed

Enable this option if you wish to create a log entry for every connection that passes Dynamic Screening and is allowed to proceed. This is disabled by default.

Log all connections refused

This option adds an entry to the log every time an incoming connection is refused by Dynamic Screening.

Log configuration when changes detected

This option adds entries to the log for all Dynamic Screening configurations when changes are detected from external sources (such as manually editing the INI file). Normal changes are logged at the Info level.

Log summary once [Daily | Hourly | Per minute]

Adds to the Dynamic Screening log a summary of Dynamic Screening stats once every day, hour, or minute. By default the summary is logged hourly.

Screening Data Reset Options

Reset all Auth Failure data

Click this checkbox if you wish to clear all Dynamic Screening authentication data. You must then click Apply or OK for the reset to occur.

Reset all Blacklist data

Click this checkbox if you wish to clear all Dynamic Screening Blacklist data. You must then click Apply or OK for the reset to occur.

Reset all Whitelist data

Click this checkbox if you wish to clear all Dynamic Screening Whitelist data. You must then click Apply or OK for the reset to occur.

See: