Updated FTP/SSH auto block service
Thursday, June 5th, 2008 8:12AM EDT
As mentioned previously, we auto block FTP and SSH attacks. Overall it has been working great and within two months blocked over 800 unique IP addresses. One issue we’ve discovered is many FTP clients try to login with ‘anonymous’ user first and then use the username/password specified in the FTP client. Anonymous FTP is something used years ago and shouldn’t be used today. Our service unfortunately has blocked a few legitimate users. So since we do not allow anonymous FTP, we’ve increased the amount of bad passwords for ‘anonymous’ and also separated them from other bad logins. This should prevent blocking legitimate users. Sorry for any inconvenience this has caused.
