Bug 241008 - Too many login attempts allowed by vsftpd
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: vsftpd
Version: 4.5
Hardware: All Linux
Priority: medium
Severity: medium
Assigned To: Maros Barabas
Keywords: Reopened
Reported: 2007-05-23 12:32 EDT by John Robinson
Modified: 2007-11-16 20:14 EST
Doc Type: Bug Fix
Last Closed: 2007-05-28 04:12:50 EDT

Attachments
My vsftpd config (4.10 KB, text/plain)
2007-05-23 19:22 EDT, John Robinson
My pam.d/vsftpd (452 bytes, text/plain)
2007-05-23 19:25 EDT, John Robinson

Description John Robinson 2007-05-23 12:32:55 EDT
Description of problem:
vsftpd doesn't kill the session after too many login attempts

Version-Release number of selected component (if applicable):
2.0.1-5.EL4.5

How reproducible:
100%

Steps to Reproduce:
1. Use rubbish login details 10, 100, 1e81 times

Actual results:
It doesn't kick you off

Expected results:
It should kick you off

Additional info:
Logwatch tells me:
 (148.243.223.220): john - 2432 Time(s)
 (148.243.223.220): jeff - 364 Time(s)
 (148.243.223.220): amanda - 2432 Time(s)
I have a firewall config which limits repeated connections from the same IP, so
the above couldn't happen if it was caused by multiple connections.

I note that vsftpd 2.0.5 has a change to "Kick session after a few login fails.
Allows IP blocking solutions to be more immediately effective." -
ftp://vsftpd.beasts.org/users/cevans/untar/vsftpd-2.0.5/Changelog - so I wonder
if this could be added into an update to the RHEL release.
Comment 1 Maros Barabas 2007-05-23 17:40:15 EDT
Attach your vsftpd configuration please. Thanks
Comment 2 John Robinson 2007-05-23 19:22:58 EDT
Created attachment 155306
My vsftpd config

Not too far from stock, I think
Comment 3 John Robinson 2007-05-23 19:25:59 EDT
Created attachment 155307
My pam.d/vsftpd

Edited slightly, so users with valid shells CAN'T log in.
Comment 4 Maros Barabas 2007-05-24 04:14:04 EDT
Please add "max_login_fails" directive to your vsftpd configuration specifying
the number of login failures before the session is killed.
Comment 5 John Robinson 2007-05-24 05:53:25 EDT
Doing so causes my vsftpd to fail to start, apparently logging nothing at all. I
am using vsftpd-2.0.1 in EL4.
Comment 6 Maros Barabas 2007-05-28 04:12:50 EDT
I'm sorry. This feature has been added up to 2.0.4 release. If you want to
update vsftpd for RHEL 4 to current version (2.0.5), please open new appropriate
bug. Thanks
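
Added example (not part of the bug report, and not vsftpd or Red Hat code): Logwatch's per-IP totals, like those in the description, do not show whether the failures happened inside one session or across many connections. This Python script groups `FAIL LOGIN` lines by client and pid to tell the two apart; the log line shape, the sample log and the limit of 3 are assumptions.

```python
import re
from collections import defaultdict

# Assumed line shape of vsftpd's native log file; adjust if your build differs.
FAIL = re.compile(
    r'\[pid (?P<pid>\d+)\] \[(?P<user>[^\]]*)\] FAIL LOGIN: Client "(?P<ip>[^"]+)"'
)

# Constructed sample log (documentation addresses), not data from this bug.
SAMPLE_LOG = """\
Wed May 23 03:10:03 2007 [pid 4100] [john] FAIL LOGIN: Client "192.0.2.10"
Wed May 23 03:10:06 2007 [pid 4100] [john] FAIL LOGIN: Client "192.0.2.10"
Wed May 23 03:10:09 2007 [pid 4100] [john] FAIL LOGIN: Client "192.0.2.10"
Wed May 23 03:10:12 2007 [pid 4100] [amanda] FAIL LOGIN: Client "192.0.2.10"
Wed May 23 03:10:15 2007 [pid 4100] [amanda] FAIL LOGIN: Client "192.0.2.10"
Wed May 23 03:20:01 2007 [pid 4200] [jeff] FAIL LOGIN: Client "198.51.100.7"
Wed May 23 03:21:01 2007 [pid 4202] [jeff] FAIL LOGIN: Client "198.51.100.7"
Wed May 23 03:22:01 2007 [pid 4204] [jeff] FAIL LOGIN: Client "198.51.100.7"
Wed May 23 03:23:01 2007 [pid 4206] [jeff] FAIL LOGIN: Client "198.51.100.7"
Wed May 23 03:30:00 2007 [pid 4300] [ftpuser] OK LOGIN: Client "192.0.2.10"
"""

def failures_by_session(log_text):
    """Group FAIL LOGIN events by (client IP, pid).

    Assumption: every login attempt of one connection is logged under the
    same pid, and pids are not reused inside the analysed window.
    """
    sessions = defaultdict(list)
    for line in log_text.splitlines():
        m = FAIL.search(line)
        if m:
            sessions[(m["ip"], int(m["pid"]))].append(m["user"])
    return sessions

def sessions_over_limit(log_text, limit=3):
    """Sessions with more than `limit` failures: {(ip, pid): (count, users)}."""
    return {
        key: (len(users), sorted(set(users)))
        for key, users in failures_by_session(log_text).items()
        if len(users) > limit
    }

if __name__ == "__main__":
    for (ip, pid), (count, users) in sorted(sessions_over_limit(SAMPLE_LOG).items()):
        print(f"{ip} pid {pid}: {count} failed logins in one session, users {users}")
```

A session reported here is one that a per-connection firewall limit cannot stop; the second client in the sample fails as often in total but is never flagged, because each attempt is a separate connection.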
