Custom Query (8054 matches)
Results (361 - 363 of 8054)
|#12137||rejected||Windows Server 2008|
I am trying to install Filezila_pro_126.96.36.199_win64-setup.exe in a Windows Server 2008 64bit but the installer do not start, none, do not work. What happen?
|#11160||wontfix||Autoban failed attempts counter not using 1-hour sliding window as expected|
Let's start with the example.
I have enabled autoban so it bans an IP after 15 failed attempts within 1 hour; a ban lasts for 1 hour. There is this client (single IP) regularly connecting to the server about once every half hour to check for files to download; they use 4 different accounts.
Recently, one of the accounts being used was deleted, but the other side didn't get around to turning off their checks for that account. So every half hour or so, there are 3 successful logins and 1 failed login.
The problem (besides the obvious: that they need to stop using the deleted account) is that every 7.5 hours, their IP gets banned for an hour, blocking the other 3 accounts.
So instead of getting banned if an IP fails 15 times in an hour, they eventually get banned if they fail at all within a consecutive set of "ban for" timespans. Or, with an alternate scenario, if the settings were to ban after 10 failed attempts and they get banned for 999 hours, an IP that had 10 failed login attempts in under ~41 days would get autobanned (for ~41 days).
(Tangent/Off-topic: No, I'm not implicitly asking that the autoban counter get reset with a successful login attempt.)
What I saw in the FileZilla Server logs
Here's a paraphrasing of a log from the other day; I'm not omitting any failed attempts for the sequence: ... 7:27 AM - 421 Temporarily banned for too many failed login attempts 8:57 AM - 530 Login or password incorrect! 9:27 AM - 530 Login or password incorrect! 9:57 AM - 530 Login or password incorrect! 10:27 AM - 530 Login or password incorrect! 10:57 AM - 530 Login or password incorrect! 11:27 AM - 530 Login or password incorrect! 11:57 AM - 530 Login or password incorrect! 12:27 AM - 530 Login or password incorrect! 12:57 AM - 530 Login or password incorrect! 13:27 AM - 530 Login or password incorrect! 13:57 AM - 530 Login or password incorrect! 14:27 AM - 530 Login or password incorrect! 14:57 AM - 530 Login or password incorrect! 15:27 AM - 530 Login or password incorrect! 15:57 AM - 421 Temporarily banned for too many failed login attempts ...
In RegisterAttempt(), when an IP is already in the list, it simply increments the count and resets the timestamp (assuming the max hasn't been reached yet). And down in PurgeOutdated() it only checks that the latest timestamp is within the configured number of hours to ban in order to keep it from being purged. Which means there's no way the code could be doing what the UI promises.
On a tangent, considering the changes to the file over the past decade, this could possibly be the same issue vaguely described in ticket #1369, but I really can't tell since there's not enough information in the description. Though considering the description in #4203, that person's walking a tight-rope. :)
|#11867||fixed||Timeout on directory listing following update to 3.41.0|
I updated the FileZilla client to 3.41.0 this morning and am experiencing an issue during the directory retrieval process on 1 particular server. I regularly connect to about 12 different FTP servers on a daily basis and this is the only one giving me any issue.
Because of the sensitivity of information, I have obfuscated the host name, IP, username, and password in this public post. Happy to PM it to a tech for analysis if needed.
Status: Resolving address of ftp1.thehostname.com Status: Connecting to #.#.#.#:21... Status: Connection established, waiting for welcome message... Response: 220 TheRDNS.hostname.us Command: AUTH TLS Response: 500 AUTH not understood Command: AUTH SSL Response: 500 AUTH not understood Status: Insecure server, it does not support FTP over TLS. Command: USER * Response: 331 Password required for * Command: PASS Response: 230 User * logged in Status: Server does not support non-ASCII characters. Status: Logged in Status: Retrieving directory listing of "/ZZZ Mr Master/CDN Files delivered"... Command: CWD /ZZZ Mr Master/CDN Files delivered Response: 250 CWD command successful Command: TYPE I Response: 200 Type set to I Command: PASV Response: 227 Entering Passive Mode. (#,#,#,#,68,229) Command: MLSD Response: 150 Opening ASCII mode data connection for MLSD Error: Connection timed out after 20 seconds of inactivity Error: Failed to retrieve directory listing
I have tried removing the remote directory that I am specifying in the site manager to land into, have tried forcing passive and active mode rather than auto-detect, have tried forcing UTF-8 instead of auto-detect, have tried checking bypass proxy, and have tried ALL available server types rather than auto-detect.
So far nothing has worked.
I can confirm that if I connect to this site from the command prompt ftp in windows 10 I am able to successfully connect and retrieve a directory listing.
I have inquired from the host as to what OS, FTP server, and version they are running to try to get more information. I'll update this ticket as I get more info.
I am certainly not alone as another user entered the IRC channel a little while ago with the identical issue, but he left before I was able to ask any questions.