- #1
phoenixthoth
- 1,605
- 2
I discontinued using an FTP server because of attempts to hack into it.
After several months, maybe over a year, I have decided to try again. Is it possible to set it up to listen on some port besides 21? Are there any ports that should not or can not be used for an FTP server? What are valid port numbers (I assume something between 1 and 65536)?
I don't think that in itself will stop the hack attempts but it might make some difference in that regard.
I was using Cerebus' FTP server and the log periodically showed a log-in attempt from someone I did not specifically inform of my server. I had programmed Cerebus to immediately block the ip address after 1 unsuccessful login attempt. Not only that, but I set it to ban the whole range Z.Z.*.* if 1 unsuccesful attempt came from Z.Z.A.B (I guess thus banning about 65536 ip addresses). For a long time, there were no "repeat offenders" from the same ip address.
This auto-banning feature seemed to work as I periodically got a second attempt from the same ip address but my log would say something like "ignoring log-in attempt from banned ip address." After that, no log-in attempts were made from the same ip address (though I realize it's not hard to scramble one's ip address at will).
Then one day, my computer was running really slowly. I checked my task manager and Cerebus was using 100% of the CPU. I checked the log and it showed that someone had attempted to log in over 1000 times using the user name "administrator," and was still trying. I shut down Cerebus and maybe my whole computer. Then I took Cerebus offline permanently.
Now I'm trying filezilla server. It doesn't seem to have all the options Cerebus had. I don't know, maybe I should try a newer version of Cerebus... I've apparently uninstalled it, so I don't know what version I was using.
After several months, maybe over a year, I have decided to try again. Is it possible to set it up to listen on some port besides 21? Are there any ports that should not or can not be used for an FTP server? What are valid port numbers (I assume something between 1 and 65536)?
I don't think that in itself will stop the hack attempts but it might make some difference in that regard.
I was using Cerebus' FTP server and the log periodically showed a log-in attempt from someone I did not specifically inform of my server. I had programmed Cerebus to immediately block the ip address after 1 unsuccessful login attempt. Not only that, but I set it to ban the whole range Z.Z.*.* if 1 unsuccesful attempt came from Z.Z.A.B (I guess thus banning about 65536 ip addresses). For a long time, there were no "repeat offenders" from the same ip address.
This auto-banning feature seemed to work as I periodically got a second attempt from the same ip address but my log would say something like "ignoring log-in attempt from banned ip address." After that, no log-in attempts were made from the same ip address (though I realize it's not hard to scramble one's ip address at will).
Then one day, my computer was running really slowly. I checked my task manager and Cerebus was using 100% of the CPU. I checked the log and it showed that someone had attempted to log in over 1000 times using the user name "administrator," and was still trying. I shut down Cerebus and maybe my whole computer. Then I took Cerebus offline permanently.
Now I'm trying filezilla server. It doesn't seem to have all the options Cerebus had. I don't know, maybe I should try a newer version of Cerebus... I've apparently uninstalled it, so I don't know what version I was using.