List: openbsd-tech
Subject: Re: proposed ftpd patch to modify -A operation on invalid userids
From: "Todd C. Miller" <Todd.Miller () courtesan ! com>
Date: 2008-09-22 18:00:47
Message-ID: 200809221800.m8MI0lrP016370 () core ! courtesan ! com
In message <20080919211020.GA24545@jggimi.homeip.net>
so spake Josh Grosse (josh):
> I dislike script kiddies that attack "User Administrator" or "User root"
> or "User test" in endless loops because their scripts do not understand
> ftpd's 530 response:
>
> Sorry, only anonymous ftp allowed.
>
> Their scripts result in continuous connections and bandwidth use; plus,
> they fill up /var/log/xferlog with their excrement when -ll is used.
>
> As they only have a single state, stateful tracking options in PF cannot
> be used to control them.
>
> This simple patch adds an end_login(); so that their clients get disconnected.
> If their scripts reconnect, then I can control behaviour via stateful
> tracking options.

I wonder if it wouldn't be better to simply include "access denied"
in the 530 response. I don't particularly like that solution either,
though.
- todd
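
Added example, not part of the original message or of the proposed patch: a pf.conf fragment showing the kind of stateful tracking options the quoted text refers to, which only take effect once failed logins lead to new connections. The interface name, table name and thresholds are assumptions chosen for illustration.

```conf
# Constructed pf.conf fragment (illustrative values, not from the thread).
ext_if = "em0"                  # assumed external interface

table <ftp_abuse> persist       # hypothetical table name

# Drop sources already caught by the overload rule below.
block in quick on $ext_if from <ftp_abuse>

# Stateful tracking counts states and new connections per source address.
# A client that repeats USER attempts inside one control connection holds
# a single state, so none of these limits ever trip. If ftpd closes the
# connection after the rejected login, every retry is a new connection
# and is counted against the limits.
pass in on $ext_if proto tcp from any to any port ftp \
    flags S/SA keep state \
    (max-src-conn 4, max-src-conn-rate 3/60, \
     overload <ftp_abuse> flush global)
```

Sources added by the overload rule can be listed with `pfctl -t ftp_abuse -T show`.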