FTP Brute-Force Protection
Protection Overview
RdpGuard helps you protect your FTP server from
brute-force attacks. It monitors FTP port and blocks attackers IP addresses when the number of failed login
attempts reaches the set limit. Check out the instructions below to learn how to enable and configure FTP
brute-force protection.
To enable FTP brute-force protection
1. Start RdpGuard Dashboard and click Tools, Options
Click Tools, Options
RdpGuard Options dialog will appear:
RdpGuard Options
2. Open the Monitoring tab
RdpGuard Monitoring Options
3. Check Enable FTP protection
4. Click Save. RdpGuard service will be restarted.
FTP brute-force protection Configuration
1. Click Tools, Options, Monitoring
2. Click the configure.. link:
Click the configure link
FTP Settings dialog will open:
FTP Detection Engine Settings
FTP port
In order to increase security of your FTP server, you can change the default FTP port in your FTP server software.
RdpGuard works with any FTP Server software and any custom FTP port. All you need is to specify custom FTP port in
the corresponding field.
Addresses to monitor
In new versions of RdpGuard we switched from log parsing detection to socket based approach.
This allows us to support the Protocol instead of particular software (because logs are software-specific)
RdpGuard listens on the protocol specific ports for an each IP address associated with the machine.
This may affect server performance if there are high number of IP addresses associated with the machine.
In order to avoid performance decrease, you may consider limiting the number of ip addresses your FTP server software is listening on.
This could be configured in FTP server software settings or via firewall rules.
When you done with the FTP server configuration, you may update addresses to monitor in RdpGuard.
3. Click Save to close this dialog and Save to close the RdpGuard Options dialog.
4. Restart RdpGuard Service via the Tools menu
|
