Red Hat Bugzilla – Bug 241008
Too many login attempts allowed by vsftpd
Last modified: 2007-11-16 20:14:55 EST
Description of problem:
vsftpd doesn't kill the session after too many login attempts
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. Use rubbish login details 10, 100, 1e81 times
It doesn't kick you off
It should kick you off
Logwatch tells me:
(18.104.22.168): john - 2432 Time(s)
(22.214.171.124): jeff - 364 Time(s)
(126.96.36.199): amanda - 2432 Time(s)
I have a firewall config which limits repeated connections from the same IP, so
the above couldn't happen if it was caused by multiple connections.
I note that vsftpd 2.0.5 has a change to "Kick session after a few login fails.
Allows IP blocking solutions to be more immediately effective." -
ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.0.5/Changelog - so I wonder
if this could be added into an update to the RHEL release.
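The Logwatch totals above are per user and address, so they cannot show whether the failures came from one long session or from many short ones. The sketch below is an added example, not part of the original report or of vsftpd: it groups `FAIL LOGIN` lines by the logging process id. It assumes vsftpd's own log format (not xferlog) and that one pid corresponds to one session; the log lines, addresses and the `limit` threshold are constructed for illustration.

```python
import re
from collections import Counter

# Assumed vsftpd.log line shape (vsftpd's native format, not xferlog):
#   Mon May 21 03:10:02 2007 [pid 4121] [john] FAIL LOGIN: Client "192.0.2.10"
FAIL_RE = re.compile(
    r'\[pid (?P<pid>\d+)\] \[(?P<user>[^\]]*)\] FAIL LOGIN: Client "(?P<ip>[^"]+)"'
)

# Constructed sample log; addresses come from the documentation ranges.
SAMPLE_LOG = """\
Mon May 21 03:10:02 2007 [pid 4121] [john] FAIL LOGIN: Client "192.0.2.10"
Mon May 21 03:10:05 2007 [pid 4121] [john] FAIL LOGIN: Client "192.0.2.10"
Mon May 21 03:10:08 2007 [pid 4121] [john] FAIL LOGIN: Client "192.0.2.10"
Mon May 21 03:10:11 2007 [pid 4121] [john] FAIL LOGIN: Client "192.0.2.10"
Mon May 21 03:10:14 2007 [pid 4121] [john] FAIL LOGIN: Client "192.0.2.10"
Mon May 21 03:12:40 2007 [pid 4130] [jeff] FAIL LOGIN: Client "198.51.100.7"
Mon May 21 03:12:43 2007 [pid 4130] [jeff] FAIL LOGIN: Client "198.51.100.7"
Mon May 21 03:15:01 2007 [pid 4131] [jeff] FAIL LOGIN: Client "198.51.100.7"
Mon May 21 03:20:00 2007 [pid 4140] [alice] OK LOGIN: Client "203.0.113.5"
"""


def failures_per_session(lines):
    """Count FAIL LOGIN events per (client IP, pid).

    Assumption: every failure in one FTP session is logged under the same
    pid, so a high count for a single pid means the server kept the
    session open across repeated bad logins.
    """
    counts = Counter()
    for line in lines:
        m = FAIL_RE.search(line)
        if m:
            counts[(m["ip"], int(m["pid"]))] += 1
    return counts


def sessions_over_limit(lines, limit=3):
    """Return (ip, pid, failures) for sessions exceeding `limit`, worst first.

    `limit` is a threshold chosen for this example.
    """
    over = [(ip, pid, n)
            for (ip, pid), n in failures_per_session(lines).items()
            if n > limit]
    return sorted(over, key=lambda t: -t[2])


if __name__ == "__main__":
    for ip, pid, n in sessions_over_limit(SAMPLE_LOG.splitlines()):
        print(f"{ip} pid {pid}: {n} failed logins in one session")
```

Sessions that show up here are ones a per-connection firewall rate limit would not have stopped, which matches the situation the report describes.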
Attach your vsftpd configuration please. Thanks
Created attachment 155306
My vsftpd config
Not too far from stock, I think
Created attachment 155307
Edited slightly, so users with valid shells CAN'T log in.
Please add "max_login_fails" directive to your vsftpd configuration specifying
the number of login failures before the session is killed.
Doing so causes my vsftpd to fail to start, apparently logging nothing at all. I
am using vsftpd-2.0.1 in EL4.
I'm sorry. This feature has been added up to 2.0.4 release. If you want to
update vsftpd for RHEL 4 to current version (2.0.5), please open new appropriate