thwarting repeated login attempts
David Banning
david+dated+1170267615.a090fc at skytracker.ca
Fri Jan 26 18:52:19 UTC 2007
I have installed denyhosts from the ports to stop ssh attacks, but
I have discovered a vulnerability, that is new to me. Denyhosts
does not seem to notice FTP login attempts, so the cracker can
attempt to login via FTP, 1000's of times until he finds a
login/password combination.
Once he has a login/password combo, he can simple login via ssh,
(provided that user has a shell account).
Is there anyway to block multiple FTP login attempts?
More information about the freebsd-questions
mailing list