Custom Query (8170 matches)


Show under each result:

Results (379 - 381 of 8170)

Ticket Resolution Summary Owner Reporter
#11160 wontfix Autoban failed attempts counter not using 1-hour sliding window as expected Granger

Let's start with the example.

I have enabled autoban so it bans an IP after 15 failed attempts within 1 hour; a ban lasts for 1 hour. There is this client (single IP) regularly connecting to the server about once every half hour to check for files to download; they use 4 different accounts.

Recently, one of the accounts being used was deleted, but the other side didn't get around to turning off their checks for that account. So every half hour or so, there are 3 successful logins and 1 failed login.

The problem (besides the obvious: that they need to stop using the deleted account) is that every 7.5 hours, their IP gets banned for an hour, blocking the other 3 accounts.

So instead of getting banned if an IP fails 15 times in an hour, they eventually get banned if they fail at all within a consecutive set of "ban for" timespans. Or, with an alternate scenario, if the settings were to ban after 10 failed attempts and they get banned for 999 hours, an IP that had 10 failed login attempts in under ~41 days would get autobanned (for ~41 days).

(Tangent/Off-topic: No, I'm not implicitly asking that the autoban counter get reset with a successful login attempt.)

What I saw in the FileZilla Server logs

Here's a paraphrasing of a log from the other day; I'm not omitting any failed attempts for the sequence: ... 7:27 AM - 421 Temporarily banned for too many failed login attempts 8:57 AM - 530 Login or password incorrect! 9:27 AM - 530 Login or password incorrect! 9:57 AM - 530 Login or password incorrect! 10:27 AM - 530 Login or password incorrect! 10:57 AM - 530 Login or password incorrect! 11:27 AM - 530 Login or password incorrect! 11:57 AM - 530 Login or password incorrect! 12:27 AM - 530 Login or password incorrect! 12:57 AM - 530 Login or password incorrect! 13:27 AM - 530 Login or password incorrect! 13:57 AM - 530 Login or password incorrect! 14:27 AM - 530 Login or password incorrect! 14:57 AM - 530 Login or password incorrect! 15:27 AM - 530 Login or password incorrect! 15:57 AM - 421 Temporarily banned for too many failed login attempts ...

autobanmanager.cpp (r7278)

In RegisterAttempt(), when an IP is already in the list, it simply increments the count and resets the timestamp (assuming the max hasn't been reached yet). And down in PurgeOutdated() it only checks that the latest timestamp is within the configured number of hours to ban in order to keep it from being purged. Which means there's no way the code could be doing what the UI promises.

On a tangent, considering the changes to the file over the past decade, this could possibly be the same issue vaguely described in ticket #1369, but I really can't tell since there's not enough information in the description. Though considering the description in #4203, that person's walking a tight-rope. :)

#11867 fixed Timeout on directory listing following update to 3.41.0 Trent

I updated the FileZilla client to 3.41.0 this morning and am experiencing an issue during the directory retrieval process on 1 particular server. I regularly connect to about 12 different FTP servers on a daily basis and this is the only one giving me any issue.

Because of the sensitivity of information, I have obfuscated the host name, IP, username, and password in this public post. Happy to PM it to a tech for analysis if needed.

Status: Resolving address of Status: Connecting to #.#.#.#:21... Status: Connection established, waiting for welcome message... Response: 220 Command: AUTH TLS Response: 500 AUTH not understood Command: AUTH SSL Response: 500 AUTH not understood Status: Insecure server, it does not support FTP over TLS. Command: USER * Response: 331 Password required for * Command: PASS Response: 230 User * logged in Status: Server does not support non-ASCII characters. Status: Logged in Status: Retrieving directory listing of "/ZZZ Mr Master/CDN Files delivered"... Command: CWD /ZZZ Mr Master/CDN Files delivered Response: 250 CWD command successful Command: TYPE I Response: 200 Type set to I Command: PASV Response: 227 Entering Passive Mode. (#,#,#,#,68,229) Command: MLSD Response: 150 Opening ASCII mode data connection for MLSD Error: Connection timed out after 20 seconds of inactivity Error: Failed to retrieve directory listing

I have tried removing the remote directory that I am specifying in the site manager to land into, have tried forcing passive and active mode rather than auto-detect, have tried forcing UTF-8 instead of auto-detect, have tried checking bypass proxy, and have tried ALL available server types rather than auto-detect.

So far nothing has worked.

I can confirm that if I connect to this site from the command prompt ftp in windows 10 I am able to successfully connect and retrieve a directory listing.

I have inquired from the host as to what OS, FTP server, and version they are running to try to get more information. I'll update this ticket as I get more info.

I am certainly not alone as another user entered the IRC channel a little while ago with the identical issue, but he left before I was able to ask any questions.

#10165 fixed Proxy ignored for SFTP connections (Regression from Gravewish

Since version 3.10.0, connections through SFTP always ignore any proxy settings I might have configured. 3.9.6 and older do not.

I've got it configured to use a HTTP proxy, over port 443. The "Bypass Proxy" setting for the connection I use is not checked.

The console shows the following lines (after enabling detailed output):

Response:	fzSftp started
Command:	proxy 1 "" 443
Command:	open "" 2222

But then it actually does a direct connection instead. I confirmed this by looking at my firewall's network connections view, netstat, and by the fact that I'm no longer speed-limited by the proxy.

I've downgraded until the issue disappeared, and found that the proxy 3.9.6 and older versions do not have this issue.

I assume it's caused by the "Updated SFTP components from PuTTY" change introduced in 3.10.0-beta3, but I might be wrong.

Batch Modify
Note: See TracBatchModify for help on using batch modify.
Note: See TracQuery for help on using queries.