Please don't remove Autoban

Message

enpelolo · #1 Post by **enpelolo** » 2011-08-16 15:50

Hi

I've been force attack from china's IP, for severals days. The only good logical defence is Autoban.
I just want to lower to 5 but minumum is 10. Is there a way to lower it?

How can someone be mistake 10 times?. This can only be by brute force attack, and surprisily
there is always from china or russian.

I normaly use filezilia client and password are stored to make no mistake. Maybe enlarge filezilia
cient conection list can be a good idea.

Thank in advace
Jorge

#2 Post by **botg** » 2011-08-16 19:14

Q: What harm do a billion Chinamen do if your password is long enough?
A: None if hey can keep guessing until the end of time.

enpelolo · #3 Post by **enpelolo** » 2011-08-23 16:02

The will keep my slow connection busy!!

What harm can keep autoban ??

#4 Post by **boco** » 2011-08-23 23:44

The will keep my slow connection busy!!

Autoban won't change that. It's not a magical feature to keep them away. All Autoban does is not allowing them to login to your FTP server, thereby reducing log sizes. But they still can jam your line and even connect to your server before being dismissed. Autoban works on IPs, so in order to being able to operate, it must first let them connect to obtain their IP. This process of repeated connection attempts is what uses your bandwith. You will still be probed repeatedly. FZ Server can't prevent that.

As a deprecated feature, I don't even know if it works on IPv6 addresses, which will become much more common soon.

#5 Post by **botg** » 2011-08-24 06:18

Even if you would have a firewall that discards all packets, an attacker can still saturate your line.

enpelolo · #6 Post by **enpelolo** » 2011-08-26 21:54

I concour with you if some want to get into your network will keep trying until they found the way in, and will keep busy your connection alll time, but what i have seen up to day is; they are trying.. if they are banned they stop for the day and try another day 10 time more. This way will the chance is almost never to found the password and won't keep my connection busy.

With Ip6, and if the feature is updated, it will behave the same way, unless the introuder change the ip each time, wich is more unlikely.

Thank in advance

emelendez · #7 Post by **emelendez** » 2011-12-09 23:55

Autoban is such an important feature and should not be removed. I have a system with SSH open, and it used to get hammered with login attempts. Once I started using an "autoban" type feature, the amount of login attempts has DRASTICALLY gone down.

I don't currently use FileZilla (I have in the past), but I'm looking for software with this specific feature. My FTP server gets hammered with login attempts, and I know this feature will eventually reduce that number.

It may not be an optimum feature for everyone, but for those who do, it is a valuable component. It's an optional feature, and it should be up to the site admin to use as they need.

Not only should it not be removed, but it should enhanced as much as possible.

-Ed

FileZilla Forums

Please don't remove Autoban

Please don't remove Autoban

Re: Please don't remove Autoban

Re: Please don't remove Autoban

Re: Please don't remove Autoban

Re: Please don't remove Autoban

Re: Please don't remove Autoban

Re: Please don't remove Autoban