[olug] more secure FTP server?
Lou Duchez
lou at paprikash.com
Tue Aug 13 01:35:18 UTC 2013
So one of my Web sites got hacked via FTP. Looking into it, here is the
problem. I am running VSFTPD, and I am also running Fail2Ban to monitor
the VSFTPD log and detect failed login attempts. It's a good system.
It's a nearly flawless system. The one flaw in this is, apparently,
VSFTPD doesn't bother to write much of anything to the log(s) when there
are errant login attempts, so Fail2Ban doesn't have anything to work with.
Does anyone know how to make VSFTPD more talkative in the case of failed
logins? Or can anyone recommend a better FTP server, one that bothers
to log these things properly?
I realize that there are other measures I can take too, such as limiting
the IPs, changing the port, and not using FTP except when nothing else
will do. And I'm looking into that. but I'd also like to be running a
good FTP server.
More information about the OLUG
mailing list