VSFTP Brute force attacks

[sarlacc]

Would it be possible to compile newer version of vsftp with option delay_failed_login


vsftpd-2.0.5/Changelog:
- Added delay_failed_login and delay_successful_login to help limit resources
taken by brute force attacks.
- Kick session after a few login fails. Allows IP blocking solutions to be more
immediately effective.


I think it will be very very useful and it could solve problems with brute force attacking ftp servers better than fail2ban scripts.

[mistraller]

Would it be possible to compile newer version of vsftp with option delay_failed_login


vsftpd-2.0.5/Changelog:
- Added delay_failed_login and delay_successful_login to help limit resources
taken by brute force attacks.
- Kick session after a few login fails. Allows IP blocking solutions to be more
immediately effective.


I think it will be very very useful and it could solve problems with brute force attacking ftp servers better than fail2ban scripts.

Seems that vsftpd 2.0.5-1 is available as ipkg package. Hope this gives better solution as fail2ban. (My router runs as AP, so firewall runs on modem here.)

Edit:

Testing with delay_failed_login=15 and max_login_fails=3 at the moment.

[mistraller]

Still no brute force attacks on my server....