From: David Banning
Date: Fri, 26 Jan 2007 13:20:14 -0500
To: questions@freebsd.org
Subject: thwarting repeated login attempts
Message-ID: <20070126182013.GA10551@skytracker.ca>

I have installed denyhosts from the ports to stop ssh attacks, but I have discovered a vulnerability that is new to me. Denyhosts does not seem to notice FTP login attempts, so the cracker can attempt to log in via FTP 1000s of times until he finds a login/password combination. Once he has a login/password combo, he can simply log in via ssh (provided that user has a shell account). Is there any way to block multiple FTP login attempts?
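
One way to spot the FTP guessing described above, as an added example that is not part of the original message: a sliding-window counter over ftpd syslog lines that returns the source hosts worth blocking. The log line format, threshold, window, function name and sample addresses are assumptions (the sample lines are constructed); match the pattern to what your FTP daemon actually logs.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed syslog format for a failed FTP login; adjust to your daemon's messages.
FAIL_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s[\d:]{8})\s\S+\sftpd\[\d+\]:\s"
    r"FTP LOGIN FAILED FROM (?P<host>[^,\s]+)"
)

def hosts_to_block(lines, threshold=5, window=timedelta(minutes=10), year=2007):
    """Return hosts with >= threshold failed FTP logins inside one sliding window.

    Syslog timestamps carry no year, so the caller supplies one (assumption).
    Lines must be in chronological order, as they are in a log file.
    """
    recent = defaultdict(deque)   # host -> timestamps of recent failures
    flagged = []                  # hosts over the threshold, in detection order
    for line in lines:
        m = FAIL_RE.match(line)
        if not m:
            continue              # successes, sshd lines, anything else
        ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        q = recent[m["host"]]
        q.append(ts)
        while ts - q[0] > window:  # drop failures that fell out of the window
            q.popleft()
        if len(q) >= threshold and m["host"] not in flagged:
            flagged.append(m["host"])
    return flagged

# Constructed sample log (documentation-range addresses, made-up usernames).
SAMPLE_LOG = [
    "Jan 26 13:00:01 host ftpd[901]: FTP LOGIN FAILED FROM 192.0.2.10, admin",
    "Jan 26 13:00:03 host ftpd[902]: FTP LOGIN FAILED FROM 192.0.2.10, root",
    "Jan 26 13:00:05 host ftpd[903]: FTP LOGIN FAILED FROM 198.51.100.7, alice",
    "Jan 26 13:00:06 host ftpd[904]: FTP LOGIN FAILED FROM 192.0.2.10, test",
    "Jan 26 13:00:09 host ftpd[905]: FTP LOGIN FAILED FROM 192.0.2.10, guest",
    "Jan 26 13:00:12 host ftpd[906]: FTP LOGIN FAILED FROM 192.0.2.10, alice",
    "Jan 26 13:01:40 host ftpd[907]: FTP LOGIN FAILED FROM 198.51.100.7, alice",
    "Jan 26 13:02:00 host sshd[950]: Failed password for root from 192.0.2.10",
    # Slow retries, 30 minutes apart: never five inside one 10-minute window.
    *(f"Jan 26 {13 + i // 2}:{30 * (i % 2):02d}:00 host ftpd[{960 + i}]: "
      f"FTP LOGIN FAILED FROM 203.0.113.5, bob" for i in range(1, 6)),
]

if __name__ == "__main__":
    print(hosts_to_block(SAMPLE_LOG))
```

A per-window threshold misses the slow guesser in the sample, so a longer second window or a daily total is worth running alongside it.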