currently, if you have wan admin access turned on (a bad idea, but some people do it), and someone starts beating on your door, after five attempts it starts responding with “login suspended”.
The problem is that if this is on the cellular, and someone is trying a brute force attack you can use a lot of data. Someone else here just had 44G in one day.
On a related topic - this traffic still does not show in the pepwave stats. i.e. the pepwave reports on trafic it allowed in and out, not on traffic it blocked.
But the real issue here is that instead of responding at all with “login suspended” the pepwave should black hole the traffic while suspended, and this should be a reportable event.
5 Likes