PDA

View Full Version : Only one shot to ftp




kabniel
Apr 18, 2008, 09:09 AM
Recently it came to my attention that a webserver I have will not allow a specific user to ftp into it. I eventually discovered that it was due to poor password. My restrictions were not met by the other admin who created the account. So the user could not use their account to access our server.

The machine is an Xserve Blade running 10.5.2 server. The problem that arose out of the above is: if a person fails to authenticate when trying to ftp, the server does not allow them any communication with the server. You can start pinging the server, fail the ftp authentication, and then the you can no longer reattempt the password and ping starts to timeout. The only way to allow the person to reattempt is to restart the server entirely.

If the firewall is turned off, you can fail the authentication and reattempt as many times as you want.

Where in the firewall settings does it start to block people by IP after a single fail to authenticate to a service? Or if anything, where is the file/cache/whatever that stores this so I can just clear that instead of restarting the server each time?

Thanks for your time



SC68Cal
Apr 18, 2008, 03:36 PM
Have you checked /etc/hosts.deny ? That would be my first place to look.

kabniel
Apr 20, 2008, 05:22 PM
I didn't see a hosts.deny. There was hosts.config. But no deny.

Thanks for the suggestion though.

kabniel
Apr 20, 2008, 06:10 PM
It was due to passive being allowed.
I've only heard of this being a problem with actual file transfers. I never thought that it would prevent me from being able to reattempt a login or ping the machine.