LinuxQuestions.org
Welcome to the most active Linux Forum on the web.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices



Reply
 
Search this Thread
Old 08-17-2010, 01:34 PM   #1
slacker_et
Member
 
Registered: Dec 2009
Distribution: Slackware
Posts: 113

Rep: Reputation: 23
Question proftpd: How to set retry delay after failed logins ?


How do you configure proftpd so that once a user has failed to login and reached the MaxLoginAttempts. That they can not retry logging in for another 4 hours ?

I've been reading through proftpd's list of directives; but I can not find the answer.
And I feel it's probably staring me in the face.

Thanks;
--ET
 
Old 08-17-2010, 01:47 PM   #2
paulsm4
Guru
 
Registered: Mar 2004
Distribution: SusE 8.2
Posts: 5,863
Blog Entries: 1

Rep: Reputation: Disabled
Hi -

MaxLoginAttempts controls how many times a user can try to log in before he gets disconnected.

AFAIK, he can try connecting again as many times as he wants, as often as he wants.

Sorry I can't be more helpful
 
1 members found this post helpful.
Old 08-17-2010, 02:08 PM   #3
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,973

Rep: Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343
Hi,

It can be done with mod_ban
Check if your proftpd is compiled with the mod_ban module by running:
Code:
proftpd -l
Regards
 
1 members found this post helpful.
Old 08-17-2010, 02:30 PM   #4
slacker_et
Member
 
Registered: Dec 2009
Distribution: Slackware
Posts: 113

Original Poster
Rep: Reputation: 23
Thanks !

I had JUST stumbled upon this site:
http://freebsd.munk.me.uk/archives/2...lockhosts.html

Which displayed this code:
Code:
MaxLoginAttempts 1


  BanEngine on
  BanLog /var/log/proftpd-ban.log
  BanTable /var/db/proftpd/ban.tab

  # If the same client reaches the MaxLoginAttempts limit 2 times
  # within 10 minutes, automatically add a ban for that client that will expire after 24 hours.
  BanOnEvent MaxLoginAttempts 2/00:10:00 24:00:00

  # Configure a rule to automatically ban scripts looking for anonymous servers to which they can upload
  # will expire after ~100 hours
  BanOnEvent AnonRejectPasswords 1/01:00:00 99:99:99

  # Allow the FTP admin(-s) to manually add/remove bans
  BanControlsACLs all allow user vasya,john,rediska

  BanMessage "GO AWAY! [ %a ]"
The first half of that code looks like EXACTLY what is needed.
But it doesn't look like our proftpd was compiled with mod_ban. Bummer.

--ET
 
Old 08-17-2010, 02:54 PM   #5
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,973

Rep: Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343
You can download the source and compile it yourself adding support for mod_ban.
Running
Code:
proftpd -V
in the stock Slackware package (I assume you use Slackware) should tell you the configure options used:
Quote:
'--enable-ipv6' '--localstatedir=/var/run' '--with-modules=mod_readme:mod_ratio:mod_tls:mod_wrap:mod_ctrls_admin' '--build=i486-slackware-linux' 'build_alias=i486-slackware-linux' 'CFLAGS=-O2 -march=i486 -mtune=i686'
so you can add mod_ban like this:
Code:
./configure --enable-ipv6 --localstatedir=/var/run --with-modules=mod_readme:mod_ratio:mod_tls:mod_wrap:mod_ctrls_admin:mod_ban --build=i486-slackware-linux build_alias=i486-slackware-linux CFLAGS=-O2 -march=i486 -mtune=i686 --prefix=/usr --sysconfdir=/etc
The last 2 options are used so your proftpd installation looks in accordance with Slack package. Of course you should uninstall the proftpd package prior running "make install"

Regards

Last edited by bathory; 08-17-2010 at 02:57 PM.
 
1 members found this post helpful.
Old 08-17-2010, 04:15 PM   #6
slacker_et
Member
 
Registered: Dec 2009
Distribution: Slackware
Posts: 113

Original Poster
Rep: Reputation: 23
Thank you Bathory !

I'm currently doing this on a RHEL server that is not mine.
And I'm hitting road blocks while trying to compile;
ie. no it's a bare bones server with no compilers installed.

So now it's a matter of either being allowed to install the compilers; OR compile on another system.

Thanks !
--ET

Last edited by slacker_et; 08-17-2010 at 04:42 PM. Reason: clarity
 
Old 08-17-2010, 04:50 PM   #7
bathory
Guru
 
Registered: Jun 2004
Location: Piraeus
Distribution: Slackware
Posts: 10,973

Rep: Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343Reputation: 1343
It looks like mod_ban is included in recent proftpd-1.3.2d-1 RHEL packages. Do a search here and get the one for your distro

Regards
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
boot hangs at udevtrigger retry-failed after attempt to set up wireless Greenfuse Slackware 3 06-23-2008 08:51 AM
Configure Failed logins to lock accounts after 5 failed attempts mccartjd Linux - Newbie 5 05-05-2008 09:02 AM
Slackware 12 undevtrigger -retry failed okos Linux - Software 3 07-30-2007 08:16 AM
How to set delay between failed login attempts? handydan MEPIS 2 02-25-2007 12:08 AM
Disabling the chroot in proftpd and enabling root logins on ssh/proftpd jon_k Linux - Software 1 06-16-2004 11:27 AM


All times are GMT -5. The time now is 11:12 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration