Submit a ticketCall us
Home > Success Center > Serv-U Managed File Transfer & Serv-U FTP Server > Serv-U - Knowledgebase Articles > Configure Serv-U to protect against brute force attacks

Configure Serv-U to protect against brute force attacks

Created by Richard Casey, last modified by PatriciaMarie.Esquejo on Jul 25, 2018

Views: 1,035 Votes: 2 Revisions: 6

Overview

This article describes the steps to protect your system from a brute force attach. A brute force attack is an attempt by a cracker to gain illegitimate access to your system by attempting to login using random usernames in rapid succession.

Environment

Serv-U V14 to 15.1.6

Steps

  1. Regularly audit your user list to ensure that all users have been given proper permissions.
  2. Go to Limits & Settings > Limits > Passwords > Require complex passwords.
  3. Enable minimum password length requirements under Go to Limits & Settings > Limits > Passwords > Minimum password length
  4. Enable minimum password length requirements.
    Note: Six characters or more is considered more secure.
  5. Go to Limits & Settings > Limits > Passwords > Automatically expire password to reduce the likelyhood of a compromised password being used for an extended period of time.
  6. Go to Server Limits & Settings > Settings and enable anti-hammering.

 

Anti Hammer.PNG

 

Adding Exceptions

In some cases, automated FTP processes or procedures may accidentally trigger this anti-hammering feature, preventing critical processes from running. Serv-U 9.0 and above. Counteract this by not automatically blocking users who are allowed in the Serv-U IP Access list. Follow these steps to specify a host who should always be able to connect:

  1. Go to Server Details > IP Access menu.
  2. Add a new "Allow" rule for the IP Address of the host (or hosts) that will be making frequent connections. Also add an Allow rule for "*" so that general users who do not trip the anti-hammering rule are not blocked.
  3. Click Save.
  4. Add a new Allow rule for "*" (without the quotation marks), and verify that it is on the bottom of the list.

 

Last modified

Tags

Classifications

Public