Protect against brute force attacks

Created by Richard Casey, last modified by Alejandro Realo on Nov 02, 2016

Overview

This article describes the steps to protect your system from a brute force attack. A brute force attack is an attempt by a cracker to gain illegitimate access to your system by attempting to log in using random usernames in rapid succession.

Environment

Serv-U V14 to 15.1.2

Steps

  1. Regularly audit your user list to ensure that all users have been given proper permissions.
  2. Go to Limits & Settings > Limits > Passwords > Require complex passwords.
  3. Enable minimum password length requirements under Limits & Settings > Limits > Passwords > Minimum password length.
  4. Enable minimum password length requirements.
    Note: Six characters or more is considered more secure.
  5. Go to Limits & Settings > Limits > Passwords > Automatically expire password to reduce the likelihood of a compromised password being used for an extended period of time.
  6. Go to Server Limits & Settings > Settings and enable anti-hammering.

 

Adding Exceptions

In some cases, automated FTP processes or procedures may accidentally trigger the anti-hammering feature, preventing critical processes from running. In Serv-U 9.0 and above, counteract this by not automatically blocking users who are allowed in the Serv-U IP Access list. Follow these steps to specify a host that should always be able to connect:

  1. Go to Server Details > IP Access menu.
  2. Add a new "Allow" rule for the IP Address of the host (or hosts) that will be making frequent connections. Also add an Allow rule for "*" so that general users who do not trip the anti-hammering rule are not blocked.
  3. Click Save.
  4. Add a new Allow rule for "*" (without the quotation marks), and verify that it is on the bottom of the list.
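
The following Python sketch is an added example, not Serv-U code or part of the original article. It models the behavior described above: failed logins are counted per IP in a sliding window, a host matched by a specific Allow rule is exempt from blocking, and hosts matched only by the trailing "*" rule can still be blocked. The class name, thresholds, addresses, and first-match-wins rule evaluation are assumptions made for illustration.

```python
import fnmatch
from collections import defaultdict, deque

class AntiHammer:
    """Model: block an IP after too many failed logins in a sliding window."""
    def __init__(self, max_failures, window_s, block_s, ip_rules):
        self.max_failures, self.window_s, self.block_s = max_failures, window_s, block_s
        self.ip_rules = ip_rules  # ordered (action, pattern); assumed first match wins
        self.failures = defaultdict(deque)
        self.blocked_until = {}

    def exempt(self, ip):
        """True for a host matched by a specific Allow rule, not the "*" catch-all."""
        for action, pattern in self.ip_rules:
            if fnmatch.fnmatchcase(ip, pattern):
                return action == "allow" and pattern != "*"
        return False

    def is_blocked(self, ip, now):
        return self.blocked_until.get(ip, 0) > now

    def failed_login(self, ip, now):
        """Record one failed login; return True if the IP is blocked afterwards."""
        if self.exempt(ip):
            return False
        if self.is_blocked(ip, now):
            return True
        q = self.failures[ip]
        q.append(now)
        while q and now - q[0] > self.window_s:  # drop failures older than the window
            q.popleft()
        if len(q) >= self.max_failures:
            self.blocked_until[ip] = now + self.block_s
            q.clear()
        return self.is_blocked(ip, now)

# Constructed rule list: one automation host, then the "*" rule at the bottom.
RULES = [("allow", "192.0.2.10"), ("allow", "*")]

def replay(rules=RULES):
    """Six failed logins in six seconds from each of two constructed addresses."""
    guard = AntiHammer(max_failures=5, window_s=60, block_s=300, ip_rules=rules)
    result = {}
    for ip in ("192.0.2.10", "203.0.113.7"):
        for t in range(6):
            result[ip] = guard.failed_login(ip, now=t)
    return result

if __name__ == "__main__":
    print(replay())
```

Calling `replay([("allow", "*")])` shows the same automation host being blocked once its specific Allow rule is missing.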

 
