Intrusion Prevention
MS.OWA.Brute.Force
Description
This indicates an attempt to perform a Brute Force attack against a Microsoft Outlook Web App server.
The attack consists of multiple requests intended to conduct a brute force login or to confirm the existence of usernames, launched at a rate of about 15 times in 1 seconds.
Affected Products
Microsoft Outlook Web App 2003 server
Microsoft Outlook Web App 2007 server
Microsoft Outlook Web App 2010 server
Microsoft Outlook Web App 2013 server
Impact
Impact of a successful attack could vary, with the worse case being a system compromise.
Recommended Actions
Adjust the threshold according to your network.
Monitor the traffic from that network for any suspicious activity.