Proftpd Security

[DRKT]

Hi!

Is this possible to block a IP which scan user : pass of proftpd?

Example: after 200 bad login

I have more than 120 000 requests

Thanks

 

[xemaps]

You can change port 21 to another

 

[Pascal]

You can change port 21 to another

That's a workarround not a solution. I don't want to tell customers that FTP is running on a differten port

 

[Rich-Boy]

What OS are you using?

If it's freeBSD you could take a look at /etc/hosts.allow
there might be something simmilar if you are using a different OS.

 

[toml]

Why not block him with your firewall.

 

[DamnSkippy]

Agreed this is what a firewall and BFD is for. Do you have a firewall running?

 

[DRKT]

i use RedHat and block what with firewall ?

it is not possible to stops a hacker automatically if it scan the user and passwords with firewall... ??

Serv-U (Windows) has an option to stop the scan after "X" bad login....

 

[toml]

BFD (Brute Force Defender) is a program that scans for brute force attempts and creates an iptables rule to block that offender.