Submit a ticketCall us

Get a crash course on Network Monitoring delivered right to your inbox
This free 7-day email course provides a primer to the philosophy, theory, and fundamental concepts involved in IT monitoring. Lessons will explain not only how to perform various monitoring tasks, but why and when you should use them. Sign up now.

Home > Success Center > Serv-U Managed File Transfer & Serv-U FTP Server > Protect against brute force attacks

Protect against brute force attacks

Created by Richard Casey, last modified by Alejandro Realo on Nov 02, 2016

Views: 45 Votes: 2 Revisions: 5

Overview

This article describes the steps to protect your system from a brute force attach. A brute force attack is an attempt by a cracker to gain illegitimate access to your system by attempting to login using random usernames in rapid succession.

Environment

Serv-U V14 to 15.1.2

Steps

  1. Regularly audit your user list to ensure that all users have been given proper permissions.
  2. Go to Limits & Settings > Limits > Passwords > Require complex passwords.
  3. Enable minimum password length requirements under Go to Limits & Settings > Limits > Passwords > Minimum password length
  4. Enable minimum password length requirements.
    Note: Six characters or more is considered more secure.
  5. Go to Limits & Settings > Limits > Passwords > Automatically expire password to reduce the likelyhood of a compromised password being used for an extended period of time.
  6. Go to Server Limits & Settings > Settings and enable anti-hammering.

 

Anti Hammer.PNG

 

Adding Exceptions

In some cases, automated FTP processes or procedures may accidentally trigger this anti-hammering feature, preventing critical processes from running. Serv-U 9.0 and above. Counteract this by not automatically blocking users who are allowed in the Serv-U IP Access list. Follow these steps to specify a host who should always be able to connect:

  1. Go to Server Details > IP Access menu.
  2. Add a new "Allow" rule for the IP Address of the host (or hosts) that will be making frequent connections. Also add an Allow rule for "*" so that general users who do not trip the anti-hammering rule are not blocked.
  3. Click Save.
  4. Add a new Allow rule for "*" (without the quotation marks), and verify that it is on the bottom of the list.

 

Last modified
14:46, 2 Nov 2016

Tags

Classifications

Public