Re: FTP Authorization Failure time limits
- From: Jason Barbier <kusuriya@xxxxxxxxx>
- Date: Fri, 28 Sep 2007 23:49:29 -0700
Well it depends on the software you have on what the defaults are for
the login lockout time, I think for proftpd if you have it turned on
its 15 minutes, and for IIS I think it is 5. but its also changeable in
both thoose examples, Im not sure if thats what you are asking though
On 28 Sep 2007 11:14:41 -0000
msiddhartha@xxxxxxxxxxxxxx wrote:
Hi,
When an FTP authorization fails thrice continuously, an error called
530: User not logged in (Your password is being rejected) triggers an
alarm in some Enterprise SIM solutions.
Can somebody please explain whether there is a time frame for the
illegitimate login attempts after which the alarm fires?
To elaborate the query, how much time space is allotted after every
individual invalid login attempt for an attacker using Brute force by
the FTP server?
Thanks in advance
Cheers!
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
------------------------------------------------------------------------
This list is sponsored by: Cenzic
Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!
http://www.cenzic.com/downloads
------------------------------------------------------------------------
- References:
- FTP Authorization Failure time limits
- From: msiddhartha
- FTP Authorization Failure time limits
- Prev by Date: Password Revealer for Pocket PC??
- Previous by thread: FTP Authorization Failure time limits
- Next by thread: Password Revealer for Pocket PC??
- Index(es):
Relevant Pages
|
|
