Opened 21 years ago
Last modified 20 years ago
#1899 closed Feature request
Ban on hammering (filezilla server)
Reported by: | anonymous | Owned by: | |
---|---|---|---|
Priority: | normal | Component: | Other |
Keywords: | Cc: | Eirik, stefpet, Tim Kosse | |
Component version: | Operating system type: | ||
Operating system version: |
Description
people who try try to login to quick after each other
should be bant for a while (make an option of it). So
when someone is doing a dictionary attack or so will
fail. :)
Change History (4)
comment:1 by , 21 years ago
comment:3 by , 20 years ago
Would really like to see this implemented. I see brute-force
dictionary hacking atempts quite frequently in my log-files.
comment:4 by , 20 years ago
Implemented in 0.9.2, trying to log in too often will slow
down the client significantly. Dictionary/brute force
attacks are no longer a viable solution to attack the server.
Note:
See TracTickets
for help on using tickets.
Logged In: NO
Also...
1) for a failed login, wait some time (eg 15 seconds) before
2) lock-out an account for 'M' minutes after 'N' failed logins.
3) For multiple simultaneous connects from a host, only
time.