how to fight concurrent connection DOS attack to FreeBSD ftpd?

Quan Qiu jackqq at
Sat Nov 24 08:04:56 PST 2007

On Nov 24, 2007 10:34 PM, Zhang Weiwu <zhangweiwu at> wrote:
> I run a ftp site which is being attacked by someone who issue some 1000
> concurrent connection for downloading as anonymous. How can I fight back?

> If ftpd.conf is not the right manual page to read, can you suggest which
> configuration manual to read to fight back this attack? Thanks in advance!

Try wrapping your ftpd using inetd. There are some limits to max child
processes and max connections per ip in inetd.conf(5). An example for

ftp     stream  tcp     nowait/50/10
        root    /usr/local/libexec/vsftpd       vsftpd

Refer to the inetd.conf(5) manpage for more.

裘佺 (QIU Quan) <jackqq at>

More information about the freebsd-questions mailing list