Date: Fri, 26 Jan 2007 13:20:14 -0500 From: David Banning <david+dated+1170267615.a090fc@skytracker.ca> To: questions@freebsd.org Subject: thwarting repeated login attempts Message-ID: <20070126182013.GA10551@skytracker.ca>
next in thread | raw e-mail | index | archive | help
I have installed denyhosts from the ports to stop ssh attacks, but I have discovered a vulnerability, that is new to me. Denyhosts does not seem to notice FTP login attempts, so the cracker can attempt to login via FTP, 1000's of times until he finds a login/password combination. Once he has a login/password combo, he can simple login via ssh, (provided that user has a shell account). Is there anyway to block multiple FTP login attempts?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070126182013.GA10551>