Brute Force Attack on pure-ftpd1

[Gummy]

I have a VPS with directadmin installed.
After installing directadmin, I got a lot of SSH brute force attacks (10000+).
So I found a tutorial to use SSH keys instead of password.
All the brute force attacks stopped... until today.
I received the first brute force attack notification since I disabled SSH passwords.



So I don't understand what is pure-ftpd1? I thought that disabling SSH passwords would prevent all brute force attacks? How can I prevent brute force attacks on pure-ftpd1?

 

[Richard G]

So I don't understand what is pure-ftpd

I don't know what the 1 is doing behind it, but pure-ftpd is the FTP daemon. Disabling SSH passwords is only for SSH, you also have for example mail servers and FTP server which are also always being attacked.
I suggest to run the SSH daemon on another port too, which will cause way less attacks at SSH.

However, for FTP and SSH that is not a real solution. Attacks are something always happend.

But do you have CSF/LFD firewall installed? If not, do. Because 769 failed logins from 1 ip? With CSF/LFD this ip would have been blocked already way before it could reach that many attacks.