bin/mv /share/./ftplogs/block.log.1 /share/./ftplogs/block.log.2 bin/mv /share/./ftplogs/block.log.2 /share/./ftplogs/block.log.3 bin/mv /share/./ftplogs/block.log.3 /share/./ftplogs/block.log.4 bin/mv /share/./ftplogs/block.log.4 /share/./ftplogs/block.log.5 bin/mv /share/./ftplogs/block.log.5 /share/./ftplogs/block.log.6 bin/mv /share/./ftplogs/block.log.6 /share/./ftplogs/block.log.7 bin/mv /share/./ftplogs/block.log.7 /share/./ftplogs/block.log.8 bin/mv /share/./ftplogs/block.log.8 /share/./ftplogs/block.log.9 # intermediate configfile (used when editing config) # IPs below are automatically added #Ĭfgfile=/share/custom/customized/nf # the file must be manually edited to end with the following lines: # path to your standard/customized nf file Tmpfile=/share/custom/scripts/proftpd_watch.ip.new # tmp watch file (used when editing the file) Watchfile=/share/custom/scripts/proftpd_watch.ip # file that stores the ips that failed to login: # ExtendedLog /share/MD0_DATA/data/website/ftplogs/proftpd.log AUTH,READ,WRITE userlog # LogFormat userlog "%u %P %a %h %t \"%r\" %s" # this script asumes the following log config (in nf): # purpose: watch proftpd logfile and detect failed login attempts Next, a script must be put in place to monitor the proftpd logfile, detect login failures, store ip addresses that failed to login and (if the maxlogin for a specific IP is exceeded), block an ip address.ģ7 4 * * * /share/custom/scripts/proftpd_block.sh
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |