thwarting repeated login attempts

David Banning david at
Fri Jan 26 22:52:18 UTC 2007

> > I have installed denyhosts from the ports to stop ssh attacks, but
> > I have discovered a vulnerability, that is new to me. Denyhosts
> > does not seem to notice FTP login attempts, so the cracker can
> > attempt to login via FTP, 1000's of times until he finds a
> > login/password combination.
> We refuse to run ftp because it's nearly impossible to secure.

so that's what I have decided - and went with sftp exclusively.
thanks -

More information about the freebsd-questions mailing list