Protect against brute force attacks

Created by Richard Casey, last modified by Alejandro Realo on Nov 02, 2016


Overview

This article describes the steps to protect your system from a brute force attack. A brute force attack is an attempt by a cracker to gain illegitimate access to your system by attempting to log in using random usernames in rapid succession.

Environment

Serv-U V14 to 15.1.2

Steps

  1. Regularly audit your user list to ensure that all users have been given proper permissions.
  2. Go to Limits & Settings > Limits > Passwords > Require complex passwords.
  3. Enable minimum password length requirements under Limits & Settings > Limits > Passwords > Minimum password length.
  4. Enable minimum password length requirements.
    Note: Six characters or more is considered more secure.
  5. Go to Limits & Settings > Limits > Passwords > Automatically expire password to reduce the likelihood of a compromised password being used for an extended period of time.
  6. Go to Server Limits & Settings > Settings and enable anti-hammering.

 

[Screenshot: Anti Hammer settings]

 

Adding Exceptions

In some cases, automated FTP processes or procedures may accidentally trigger this anti-hammering feature, preventing critical processes from running. In Serv-U 9.0 and above, counteract this by not automatically blocking users who are allowed in the Serv-U IP Access list. Follow these steps to specify a host that should always be able to connect:

  1. Go to Server Details > IP Access menu.
  2. Add a new "Allow" rule for the IP Address of the host (or hosts) that will be making frequent connections. Also add an Allow rule for "*" so that general users who do not trip the anti-hammering rule are not blocked.
  3. Click Save.
  4. Add a new Allow rule for "*" (without the quotation marks), and verify that it is on the bottom of the list.
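
To see which hosts an anti-hammering threshold would catch, and which automated hosts need an Allow exception before you enable it, the added example below (not Serv-U code) counts failed logins per IP in a sliding window and skips exempted addresses. The log layout, the sample lines, the function name and the threshold values are all assumptions made for illustration; they are not Serv-U's log format or defaults.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

# Constructed sample in an assumed "timestamp ip result user" layout
# (illustrative only; this is not the Serv-U log format).
SAMPLE_LOG = """\
2016-11-02T14:00:00 203.0.113.7 FAIL admin
2016-11-02T14:00:00 192.0.2.50 FAIL alice
2016-11-02T14:00:02 203.0.113.7 FAIL root
2016-11-02T14:00:04 203.0.113.7 FAIL test
2016-11-02T14:00:05 203.0.113.7 FAIL guest
2016-11-02T14:00:10 198.51.100.20 FAIL backupjob
2016-11-02T14:00:11 198.51.100.20 FAIL backupjob
2016-11-02T14:00:12 198.51.100.20 FAIL backupjob
2016-11-02T14:05:00 192.0.2.50 FAIL alice
2016-11-02T14:05:20 192.0.2.50 OK alice
"""

def hammering_ips(log_text, max_failures=3, window_seconds=30, exempt=()):
    """Return {ip: time the threshold was first reached}.

    max_failures and window_seconds are assumed values, not Serv-U defaults.
    exempt is a list of addresses or CIDR ranges that are never flagged,
    mirroring hosts given an explicit Allow rule in IP Access.
    """
    exempt_nets = [ip_network(n) for n in exempt]
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)   # ip -> failure times inside the window
    flagged = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4 or parts[2] != "FAIL":
            continue              # skip malformed lines and successful logins
        stamp, ip = parts[0], parts[1]
        if any(ip_address(ip) in net for net in exempt_nets):
            continue              # allowed host: failures are not counted
        when = datetime.fromisoformat(stamp)
        times = recent[ip]
        times.append(when)
        while when - times[0] > window:
            times.popleft()       # drop failures older than the window
        if len(times) >= max_failures and ip not in flagged:
            flagged[ip] = when
    return flagged

if __name__ == "__main__":
    print(hammering_ips(SAMPLE_LOG))
    print(hammering_ips(SAMPLE_LOG, exempt=["198.51.100.20"]))
```

Without the exemption, the constructed backup host at 198.51.100.20 is flagged alongside the host trying random usernames; with it, only 203.0.113.7 is.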

 

Last modified
14:46, 2 Nov 2016
