I have a configured proftpd and I have to achieve that when someone tries to guess the user/pass, after the 5th unsuccessful login they are banned for a specified time, and this kind of activity is logged.
I found some code on the DD-WRT wiki, but it didn't help me.
Quote:
This command, however, is not very secure as anyone with a port scanner and a password generator can attempt to "guess" your user-name(s) and password(s). The following rules will provide a much safer alternative:
ServerName DD-WRT
DefaultAddress 192.168.1.1
ServerType standalone
DefaultServer on
ScoreboardFile /tmp/proftpd/etc/proftpd.scoreboard
Port 21
Umask 022
MaxInstances 10
MaxLoginAttempts 3
User root
Group root
UseReverseDNS off
IdentLookups off
RootLogin on
AllowOverwrite on
AllowRetrieveRestart on
AllowStoreRestart on
ExtendedLog /mnt/sda1/rolcs/log all
<IfModule mod_ban.c>
BanEngine on
BanLog /mnt/sda1/rolcs/ban.log
BanTable /var/data//proftpd/ban.tab
# If the same client reaches the MaxLoginAttempts limit 3 times
# within 10 minutes, automatically add a ban for that client that
# will expire after three minutes.
BanOnEvent MaxLoginAttempts 3/00:10:00 00:03:00
# Allow the FTP admin to manually add/remove bans
BanControlsACLs all allow user ftpadm
</IfModule>
OK. You are right.
I switched the 'Limit FTP Server Access' feature.
But nothing changed.
I didn't see any records in the firewall log which say ban, and I can keep guessing continuously.
Helpppp
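Added example (not from the original thread or the DD-WRT wiki): a simplified Python model of how mod_ban counts `MaxLoginAttempts` events, showing how many password guesses one client gets under the posted `BanOnEvent` line compared with a `MaxLoginAttempts 5` plus `BanOnEvent MaxLoginAttempts 1/00:10:00 01:00:00` setting, which is an assumption chosen here to match the "ban after the 5th failure" goal. The attempt timings are constructed, and the counting rules follow mod_ban's documented behaviour, not its source code.

```python
from collections import deque

def hms(text):
    """Convert mod_ban's hh:mm:ss notation to seconds."""
    h, m, s = (int(p) for p in text.split(":"))
    return h * 3600 + m * 60 + s

def simulate(attempt_times, max_login_attempts, ban_on_event):
    """Replay failed logins from one client IP (simplified model).

    ban_on_event is the BanOnEvent argument pair, e.g. ("3/00:10:00", "00:03:00").
    Returns (guesses_checked, guesses_refused, ban_start_times).
    """
    freq, duration = ban_on_event
    count, window = freq.split("/")
    count, window, duration = int(count), hms(window), hms(duration)
    events = deque()        # times this IP hit the MaxLoginAttempts limit
    failures_in_conn = 0    # failed logins on the current connection
    banned_until = -1
    checked = refused = 0
    bans = []
    for t in attempt_times:
        if t < banned_until:
            refused += 1    # banned: connection rejected before any login
            continue
        checked += 1        # the server actually tested this password
        failures_in_conn += 1
        if failures_in_conn < max_login_attempts:
            continue
        failures_in_conn = 0  # limit hit: session dropped, event generated
        events.append(t)
        while events and t - events[0] > window:
            events.popleft()  # forget events older than the window
        if len(events) >= count:
            bans.append(t)
            banned_until = t + duration
            events.clear()
    return checked, refused, bans

if __name__ == "__main__":
    guesses = range(0, 600, 2)  # constructed: one guess every 2 s for 10 min
    # Posted config: MaxLoginAttempts 3, BanOnEvent ... 3/00:10:00 00:03:00
    print("posted  :", simulate(guesses, 3, ("3/00:10:00", "00:03:00")))
    # Assumed stricter config: MaxLoginAttempts 5, BanOnEvent ... 1/00:10:00 01:00:00
    print("stricter:", simulate(guesses, 5, ("1/00:10:00", "01:00:00")))
```

The `<IfModule mod_ban.c>` block only takes effect when mod_ban is compiled in or loaded, and bans are written to the `BanLog` file, not to the firewall log.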