ITDeptAtPCS
asked on
Block FTP brute force attempts
Hi all,
I frequently see brute force attempts at finding usernames in my FTP server logs all of the time. Someone will try to connect to the FTP server from an IP address (usually coming from China) repeatedly, using a dictionary attack of different usernames A through Z.
Does anyone have any ideas on how to block an IP from attempting to connect after 10-15 attempts?
I'd like to be able to do this on the firewall level, as we have a SonicWALL NSA 3500, and this would prevent any unneccassary traffic from entering the network. But if we had to do it on the server level, it's IPswitch WSFTP Server 6.1.
Any ideas?
Thanks!
I frequently see brute force attempts at finding usernames in my FTP server logs all of the time. Someone will try to connect to the FTP server from an IP address (usually coming from China) repeatedly, using a dictionary attack of different usernames A through Z.
Does anyone have any ideas on how to block an IP from attempting to connect after 10-15 attempts?
I'd like to be able to do this on the firewall level, as we have a SonicWALL NSA 3500, and this would prevent any unneccassary traffic from entering the network. But if we had to do it on the server level, it's IPswitch WSFTP Server 6.1.
Any ideas?
Thanks!
You won't be able to do this - its either block it always or allow it
I do not know what you can do on the SonicWall but on a Cisco firewall you can set up an FTP proxy that can shun a client after repeated failed attempts. I would look and see if the FTP proxy is a capability of the Sonic Wall as most vendors seek feature parity.
hope this helps,
-t
hope this helps,
-t
Ahhh.... Cisco - if only :)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hey matey - very long time - no speak :)
Was pretty busy Keith ( a critical project hanging on my head :-) ), also was out on vacation after long while.
Cheers,
Rajesh
Cheers,
Rajesh
ASKER
no longer an issue