Opened 14 years ago

Last modified 6 years ago

#2499 closed Feature request

automatic bad ip blacklist

Reported by: bagu Owned by:
Priority: normal Component: FileZilla Server
Keywords: Cc: bagu, cptskippy, guepi, bubbi, Tim Kosse
Component version: Operating system type:
Operating system version:

Description

Is there any way to have an automatic ip blacklisting
when someone have made (for example) 5 try and 5 failed
login ?

I think it will be a good feature to protect the server
when it is attacked.

(sorry for bad english)

Change History (4)

comment:1 by cptskippy, 14 years ago

I would agree that there needs to be some sort of automatic
banning feature even if just temporarily. I think the
existing blacklisting and whitelisting interfaces need to be
worked on to improve their usability as well. Currently it
is very hard to manage large lists via the interface.

comment:2 by guepi, 14 years ago

Hi !

I think this automatic blacklisting will be a good feature,
and I hope this to come soon.

You may just add an ip that has tried 5 times to log into
the ftp server to a day-blacklist, that would be empty for
the new day.

Thanks

comment:3 by bubbi, 14 years ago

I'll support this request fully!
On an average day, I receive about 2-3 brute force (BF)
attacks, each at approximately 30 minutes of trying.
And since the server is not supervised 24/7 by a person, it
isn't garanteed that all BF is notified and the ip filter is
updated.

I know that there is a "FileZilla BFD" (Brute Force
Detection) at http://sourceforge.net/projects/fzbfd/
But it is not very usefull as it only checks the logs, and
needs to be run manually or through task manager.. I don't
use logfiles, I only log to the screen, and I hate having a
window popup every now and then when it is activated through
the task manager. It should be part of the main filezilla
application.

So if it was possible to enable some sort of easy IP
temporary/permanent ban management, it would greatly improve
the usage of Filezilla.
And if you need ideas to how this could be executed, i have
a lot of them, so don't think twice about asking :)

That would have been my dime there.. and maybe a lot more.. :)

comment:4 by Tim Kosse, 14 years ago

Duplicate of at least one other feature request.

Note: See TracTickets for help on using tickets.