[CLUE-Tech] vsftpd question
Angelo Bertolli
angelo at freeshell.org
Mon Jun 14 10:01:50 MDT 2004
Charles Oriez wrote:
>
> I'm also open to other suggestions. I've denied access to our httpd
> daemon for some overseas sites involved in this or other shenanigans,
> but I assume that listing something in httpd.conf has no impact on
> vsftpd, and vsftpd.conf doesn't seem to have a similar area for
> entering deny instructions.
Here are some configuration options:
http://www.redhat.com/docs/manuals/enterprise/RHEL-3-Manual/ref-guide/s1-ftp-vsftpd-conf.html
max_per_ip might help if they're trying to connect multiple times at once
I say this because I'm suspecting that this is a DoS attack, not a crack
attempt. First, there is no attempt at using a username or password,
and second there is a known vulnerability to this in a previous version
of vsftpd.
Also if you're using xinetd, you might want to see if there's a way it
can handle these particular configurations you are looking for.
More information about the clue-tech
mailing list