Posted February 1, 201213 yr Is there a way to make notification or rule for notification when our ftp server is under attack with user trying many username and passwords ?
February 2, 201213 yr How would you detect that? Is there an event log entry written each time there's a failed login? If so, the event log watch could help but it will send a notification first time only. The best way is to write a client plugin for it.
February 2, 201213 yr Administrators Most FTP servers have anti hammering technology which automatically filters the client's IP Address in case he types wrong account details too many times in a short time period. As Marius said the best way would be a plugin that implements your FTP Server's public API (if it has) or you could monitor the events, or you can make a plugin that reads the text from a log file and sends you a plugin if something matches your query. The PC Monitor client API has endless possibilities, you only need to find the most appropriate way to approach your problem.
February 2, 201213 yr Author Ok thanks but I dont know how to make plugin so I filter out all ip with « * » and then give access to all my clients ip... Pros: very secure. Cons: it force me to change ip when client ip is changed...
_a9c1b4.png){kind=logo}
_49ee3f.png){kind=logo}
Create an account or sign in to comment