Security Basics mailing list archives
RE: Massive failed FTP attempts
From: Amit <amit.uttam () gmail com>
Date: Tue, 4 Sep 2007 11:34:26 -0700
First of all take pride on the fact that they weren't able to break in! This shows good sysadmin practice from your part as well as good LAMP set up. Next suggestion would be to check out if there are any security updates or known vulnerabilities for proftpd. I am sure the attacker must have checked out the latest bugs on the software and is trying to exploit that. Then, try to find out where the IP is originating from. Usually you can be quite sure about which country, ISP, etc. Also, check if it is trying to access any of your other services. Finally, look at setting up an sftp server instead of FTP if feasible as it might provide you with much better security. Hope this helps, Amit
Current thread:
- RE: Massive failed FTP attempts Amit (Sep 04)