Of late, I'm seeing a number of failed ftp logins.
I'm aware that HostAccessControl has no effect on pureftp.
What I a little confused with is CSF has port 20 and 21 closed, so I'm not sure how these are getting through.
Nov 18 16:13:29 leeds pure-ftpd: ([email protected]) [INFO] New connection from 123.232.19.90
Nov 18 16:13:29 leeds pure-ftpd: ([email protected]) [INFO] New connection from 123.232.19.90
Nov 18 16:13:29 leeds pure-ftpd: ([email protected]) [INFO] New connection from 123.232.19.90
Nov 18 16:13:30 leeds pure-ftpd: ([email protected]) [INFO] New connection from 123.232.19.90
Nov 18 16:13:35 leeds pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [name]
Nov 18 16:13:35 leeds pure-ftpd: ([email protected]) [INFO] Logout.
Nov 18 16:13:35 leeds pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [anonymous]
Nov 18 16:13:35 leeds pure-ftpd: ([email protected]) [INFO] Logout.
Nov 18 16:13:35 leeds pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [www]
Nov 18 16:13:35 leeds pure-ftpd: ([email protected]) [INFO] Logout.
Nov 18 16:13:36 leeds pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [anonymous]
Nov 18 16:13:36 leeds pure-ftpd: ([email protected]) [INFO] Logout.
Messages log doesn't show me if these attempts are via any other port.
Any ideas ?
I'm aware that HostAccessControl has no effect on pureftp.
What I a little confused with is CSF has port 20 and 21 closed, so I'm not sure how these are getting through.
Nov 18 16:13:29 leeds pure-ftpd: ([email protected]) [INFO] New connection from 123.232.19.90
Nov 18 16:13:29 leeds pure-ftpd: ([email protected]) [INFO] New connection from 123.232.19.90
Nov 18 16:13:29 leeds pure-ftpd: ([email protected]) [INFO] New connection from 123.232.19.90
Nov 18 16:13:30 leeds pure-ftpd: ([email protected]) [INFO] New connection from 123.232.19.90
Nov 18 16:13:35 leeds pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [name]
Nov 18 16:13:35 leeds pure-ftpd: ([email protected]) [INFO] Logout.
Nov 18 16:13:35 leeds pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [anonymous]
Nov 18 16:13:35 leeds pure-ftpd: ([email protected]) [INFO] Logout.
Nov 18 16:13:35 leeds pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [www]
Nov 18 16:13:35 leeds pure-ftpd: ([email protected]) [INFO] Logout.
Nov 18 16:13:36 leeds pure-ftpd: ([email protected]) [WARNING] Authentication failed for user [anonymous]
Nov 18 16:13:36 leeds pure-ftpd: ([email protected]) [INFO] Logout.
Messages log doesn't show me if these attempts are via any other port.
Any ideas ?