[CentOS] First SSH now VSFTP

Mon Apr 10 13:32:47 UTC 2006
ankush grover <ankushcentos at gmail.com>

On 4/10/06, John Hinton <webmaster at ew3d.com> wrote:
> Seems the script kiddies are now hitting vsftp with dictionary attacks.
> I had three boxes showing around 12000 attempts from one IP yesterday.
> My thoughts are that there should be an upstream solution for this which
> is then supported by the upstream vendor. Yes, I know there are several
> 'other' solutions, but I'd really like to stay mainstream and use a
> supported method for dealing with these issues. I can't help but view
> them as security issues.
> hey,

You can set max_clients and max_per_ip

that means only these no.of clients(max_clients) can connect at a time and
only  these no. of sessions per  ipaddress(max_per_ip).

This may help in reducing the no.of attacks.


Ankush Grover
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20060410/e07a6c23/attachment-0005.html>