Date: Fri, 26 Jan 2007 14:20:14 -0500 From: David Banning <david+dated+1170271216.110843@skytracker.ca> To: Kevin Kinsey <kdk@daleco.biz>, questions@freebsd.org Subject: Re: thwarting repeated login attempts Message-ID: <20070126192012.GA30551@skytracker.ca> In-Reply-To: <45BA516A.7070402@daleco.biz> References: <20070126182013.GA10551@skytracker.ca> <45BA516A.7070402@daleco.biz>
next in thread | previous in thread | raw e-mail | index | archive | help
> >I have discovered a vulnerability, that is new to me. Denyhosts > >does not seem to notice FTP login attempts, so the cracker can > >attempt to login via FTP, 1000's of times until he finds a > >login/password combination. > > > > Pardon the stupid question, but I'm assuming it's necessary that you run > ftpd? We block ftpd at the firewall to any machines outside the LAN. > Anyone who needs FTP access uses a client that's capable of using sftp > instead, and logs in with their SSH credentials. Hmm - interesting - I just -may- be able to disable using ftpd. But I still pose the same question - what do ftp servers do on this? Maybe -not- have ssh login? -or- maybe not have ssh login using the same login/password?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20070126192012.GA30551>