From: Phil B. <ph...@ph...> - 2007-04-21 23:58:25
|
On Saturday 21 April 2007 18:40, TJ Saunders wrote: > > That doesn't appear to drop the connection. It just disallows it. > > That's all proftpd can do. It's not a firewall, so it can't just drop the > TCP connection; it has to wait until it has enough application-level > knowledge to close the connection. This thus requires that the TCP > connection be established long enough for proftpd to read in data such as > the USER and PASS commands. > > You might also look into using the mod_ban module: > > http://www.castaglia.org/proftpd/modules/mod_ban.html > > However, the point that proftpd is not a firewall still holds. Firewalls don't do user authentication, so of course what I'm asking for has nothing to do with firewalling and I'm not sure how firewalling even was brought into the conversation. I'm asking if there is something built into ProFTPD that is smart enough to drop the connection after someone enters "administrator" as a USER. There is no point in waiting for a password attempt, no point in timing out the connection. It could be dropped right then and there. By the APPLICATION. The USER id is not firewall information, it is application information, thus I asked in the application user support mailing list. If ProFTPD can't do it, then a simple NO will do. I know how firewalls work. -- Phil Barnett AI4OF SKCC #600 |