Accounts blocked by bruteforce

Did your account get blocked by a bruteforce scan?

Updated over 10 months ago

Our Network Vulnerability Scanner scans your network for vulnerabilities. It also checks your devices and servers for standard, weak or common passwords. This way you can improve your security and prevent hackers from getting in with default credentials.

However, a bruteforce scan has a downside. Your servers, for example your Domain Controller or ESXi host, can block the account because of the failed bruteforce login attempts. ESXi uses the username root as the default admin account. If you are using the root user to manage your ESXi host, it may get blocked by a bruteforce scan.

Solutions

1. Create another user

Hackers will try to log in as the default user. Create a new user with a personal username to manage your hosts. This way it will not get blocked by the bruteforce scan, and hackers will have a harder time guessing the right credentials.

2. Authenticated scan

An authenticated scan uses real credentials to log in to your servers and gather more information and vulnerabilities. When you use the authenticated scan, no bruteforce scan is executed.

3. Exclude host

If you can't create a new user or execute an authenticated scan, you can fall back to excluding the host from the scan. This way the account won't get blocked, but you can't detect any vulnerabilities on this host. Note: behaviour can vary in clusters or domain setups. Bruteforce attempts on Windows servers can get your account blocked at the domain level, depending on the configuration.
