PDA

Archiv verlassen und diese Seite im Standarddesign anzeigen : Pure-ftpd: ewige Verbindungsversuche



SirSydom
11.06.09, 00:47
Hallo,

bei mir läuft seit kurzem für die Pflege von ein paar Webseiten auf vHosts ein pure-ftpd mit virtuellen usern und homedirs usw.
TLS ist auf "2" also nur verschlüsselt und anonymer Zugriff ist auch abgestellt.

Trotzdem läuft mir der Log von tausenden Verbdingsversuchen von diversen Qullen über. Ganz abschalten will ich das Logging auch nicht - am liebsten wäre mir das ganz zu unterbinden. Was kann man denn da machen?

Gruß
SirSydom

HirschHeisseIch
11.06.09, 02:55
Wenn ausser Dir keiner Zugriff haben muss, ists wohl das einfachste, den ftpd erstmal auf nen anderen Port zu legen.
Wenn es allerdings jemand auf Deinen Server abgesehen hat, hilft das auch nicht lange.
Dann fällt mir da noch der knockd ein, der den FTP-Port erst nach einer bestimmten Sequenz auf macht.

Wenn andere Zugriff haben müssen, helfen eigentlich nur sicher Passwörter. Und das auch nur bedingt...

SirSydom
11.06.09, 07:43
Sichere Passwörter, klar. Ich benutze ja nicht extra TLS und zwinge den User dazu ganz bestimmte FTP Clients zu benutzen und lasse dann sowas wie fritz/fritz zu ;)
Ich hab die Passwörter random generiert und initial vergeben, der User kann sie nicht ändern. Die sind also sicher.
Zudem kommt ja nur das raus:

May 9 19:52:15 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.

Aber das halt einge mal pro Sekunde:
Das grenzt ja schon an DOS..
kann man da mit iptables evtl was machen?



May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 4 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 3 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 5 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 6 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 4 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 3 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 5 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 7 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 4 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 5 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 7 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 4 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 5 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 7 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 3 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 4 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 3 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 6 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 4 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 6 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 3 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 4 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 6 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 3 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 4 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 6 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 comefrom last message repeated 6 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [INFO] New connection from www.nettunosrl.it
May 9 19:52:14 comefrom last message repeated 2 times
May 9 19:52:14 comefrom pure-ftpd: (?@www.nettunosrl.it) [WARNING] Sorry, cleartext sessions are not accepted on this server. Please reconnect using SSL/TLS security mechanisms.
May 9 19:52:14 co

h4gb4rdc31in3
11.06.09, 09:38
Könnte in diesem fall vielleicht fail2ban ne lösung sein?
Verwende es bei mir für SSH und proftp, alle IP's, von dennen sich zweimal mit falsche userdaten versucht wurde einzuloggen, werden für 24h geblockt.