Submit a ticketCall us

Solarwinds & Cisco Live! Barcelona
Join us from the 29th of January to the 2nd of February at Cisco Live 2018 in Barcelona, where we will continue to show how monitoring the network with SolarWinds will keep you ahead of the game. At our booth (WEP 1A), we will demonstrate how SolarWinds network solutions can help. As a bonus, we are also hosting a pre-event webinar - Blame the Network, Hybrid IT Edition with our SolarWinds Head Geek™, Patrick Hubbard on January 24th - GMT (UTC+0): 10:00 a.m. to 11:00 a.m. There's still time to RSVP.

Home > Success Center > Serv-U Managed File Transfer & Serv-U FTP Server > Automatically disconnect the session after 3 failed login attempts

Automatically disconnect the session after 3 failed login attempts

Table of contents
Created by Dhalia Turiaga, last modified by MindTouch on Jun 23, 2016

Views: 950 Votes: 1 Revisions: 5

Overview

In order to protect the user from brute force attack, Serv-U is design to automatically disconnect the session after 3 failed login attempts. 

Environment

Serv-U version 12.x ++ with below supported operating system: 

  • Windows Vista/7/8, Server 2008/2012 - C:\ProgramData\RhinoSoft\Serv-U (Folder is Hidden in Windows by default)
  • Windows 2000/XP, Server 2000/2003 - C:\Program Files\RhinoSoft\Serv-U
  • Linux - /usr/local/Serv-U

Detail

Serv-U is supposed to disconnect a session that fails to successfully authenticate after 3 failed attempts. This is to prevent hackers from using the same session to bypass anti-hammer settings that make brute force password guessing unfeasible. Forcing a disconnect subjects them to antihammer settings when a new connection is established. Slowing down their authentication attempts to defeat them as well since it makes brute force unfeasible as well.

Please see the Protect against brute force attacks article for more information.

 

Last modified

Tags

Classifications

Public