Donkichot Posted February 1, 2012 Posted February 1, 2012 Is there a way to make notification or rule for notification when our ftp server is under attack with user trying many username and passwords ?
Marius Posted February 2, 2012 Posted February 2, 2012 How would you detect that? Is there an event log entry written each time there's a failed login? If so, the event log watch could help but it will send a notification first time only. The best way is to write a client plugin for it.
Administrators Paul Posted February 2, 2012 Administrators Posted February 2, 2012 Most FTP servers have anti hammering technology which automatically filters the client's IP Address in case he types wrong account details too many times in a short time period. As Marius said the best way would be a plugin that implements your FTP Server's public API (if it has) or you could monitor the events, or you can make a plugin that reads the text from a log file and sends you a plugin if something matches your query. The PC Monitor client API has endless possibilities, you only need to find the most appropriate way to approach your problem.
Donkichot Posted February 2, 2012 Author Posted February 2, 2012 Ok thanks but I dont know how to make plugin so I filter out all ip with « * » and then give access to all my clients ip... Pros: very secure. Cons: it force me to change ip when client ip is changed...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now