Hey guys,

I keep getting people trying to brute-force their way into one of my servers via proftpd... Now, I'm not too concerned about them gaining access, but it's becoming a huge thorn in my side and it bothers me because they are allowed about 25,000 attempts before their IP is banned. How do I make it so their IP is banned after... say... 50 failed attempts? Any help would be appreciated! And while we're on the topic, is there any other type of security I could put in place on my servers for not only ftp but other attacks as well? Thanks guys!

You may want to use CSF and LFD on your server. LFD will handle the bans for you.

Okay, is there some documentation on LFD that I can read up on? Where do I get it?

csf+lfd documentation and downloads are on configserver.com

Thanks! Any more help/suggestions would be appreciated.

We use, and can install, APT+BFD.

Jeff

We use, and can install, APT+BFD.

Jeff
I also use APF+BFD and it works very nice. :)

BFD is brute force detection right? I've heard of it and I think I'll give it a try... Thanks!

Yep. APF+BFD is:

Advanced Policy Firewall + Brute Force Detection

Jeff

Yep. APF+BFD is:

Advanced Policy Firewall + Brute Force Detection

Jeff

How can I install this?
The easy way plz :)

http://directadmin.com/forum/showthread.php?t=14500 just use "cd apf-*" instead of "cd apf-0.*".