Tech Support Forum - View Single Post

**Cellus** · 12-26-2007, 04:59 PM

This sort of "attack" is actually very common for FTP servers. If you use strong, complex passwords and non-standard usernames you are fine.

Long story short, if you run a public FTP server, this sort of activity is actually expected and happens to pretty much everyone with public FTP at one point in time or another. The person (or bot) which was trying to get in was most likely using a common passwords list - going through a list of passwords commonly used by people. If you use non-standard usernames and strong complex passwords, there is no need to panic and shut it down. It happens rather often.

Make sure your FTP server is properly configured (if possible, see if you can configure it to block an IP for x number of minutes/hours if y number of login failures occur) and is behind a firewall (I recommend something stronger than relying just on the basic firewall built into your Home/SOHO router). Keep your software (including Windows and Serv-U) up-to-date. Make sure you have at least some basic security software installed such as antivirus, antispyware, and such.

There are other things you can implement, such as secure FTP (ie. Serv-U's support for SSL) and an IDS/IPS (Intrusion Detection/Prevention System), however they can be difficult to properly implement and configure and can make it difficult for everyone to access your FTP.

12-26-2007, 04:59 PM	#4 (permalink)
Cellus Moderator Networking Team Join Date: Aug 2006 Location: Canada Posts: 2,633 OS: Windows Vista Business SP1, Windows XP Professional SP3 My System	Re: FTP Server Under Attack This sort of "attack" is actually very common for FTP servers. If you use strong, complex passwords and non-standard usernames you are fine. Long story short, if you run a public FTP server, this sort of activity is actually expected and happens to pretty much everyone with public FTP at one point in time or another. The person (or bot) which was trying to get in was most likely using a common passwords list - going through a list of passwords commonly used by people. If you use non-standard usernames and strong complex passwords, there is no need to panic and shut it down. It happens rather often. Make sure your FTP server is properly configured (if possible, see if you can configure it to block an IP for x number of minutes/hours if y number of login failures occur) and is behind a firewall (I recommend something stronger than relying just on the basic firewall built into your Home/SOHO router). Keep your software (including Windows and Serv-U) up-to-date. Make sure you have at least some basic security software installed such as antivirus, antispyware, and such. There are other things you can implement, such as secure FTP (ie. Serv-U's support for SSL) and an IDS/IPS (Intrusion Detection/Prevention System), however they can be difficult to properly implement and configure and can make it difficult for everyone to access your FTP. __________________ TSF Networking Team HijackThis 5 Step Process Donate! Last edited by Cellus : 12-26-2007 at 05:00 PM.