You are viewing a plain text version of this content. The canonical link for it is here.
Posted to ftpserver-dev@incubator.apache.org by "Niklas Gustavsson (JIRA)" <ji...@apache.org> on 2007/06/23 12:29:26 UTC

[jira] Closed: (FTPSERVER-99) Configurable delay after a failed login attempt

     [ https://issues.apache.org/jira/browse/FTPSERVER-99?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Niklas Gustavsson closed FTPSERVER-99.
--------------------------------------

    Resolution: Fixed

Implemented and set to a default of 500 ms. 

commit -m "Adding a setting to disconnect a user after a certain amount of failure login attempts (FTPSERVER-94). Also added a configurable delay after a failed login to make brute force attacks harder (FTPSERVER-99)." C:/home/niklas/workspaces/apache/ftpserver/ftplet-api/src/java/org/apache/ftpserver/ftplet/FtpSession.java C:/home/niklas/workspaces/apache/ftpserver/core/src/java/org/apache/ftpserver/command/PASS.java C:/home/niklas/workspaces/apache/ftpserver/core/src/java/org/apache/ftpserver/ftplet/IsolatingFtpSession.java C:/home/niklas/workspaces/apache/ftpserver/core/src/java/org/apache/ftpserver/FtpSessionImpl.java C:/home/niklas/workspaces/apache/ftpserver/core/src/java/org/apache/ftpserver/listener/ConnectionManager.java C:/home/niklas/workspaces/apache/ftpserver/core/src/java/org/apache/ftpserver/listener/ConnectionManagerImpl.java C:/home/niklas/workspaces/apache/ftpserver/distribution/res/conf/ftpd.properties C:/home/niklas/workspaces/apache/ftpserver/distribution/res/conf/ftpd.xml
    Sending        C:/home/niklas/workspaces/apache/ftpserver/core/src/java/org/apache/ftpserver/command/PASS.java
    Sending        C:/home/niklas/workspaces/apache/ftpserver/core/src/java/org/apache/ftpserver/ftplet/IsolatingFtpSession.java
    Sending        C:/home/niklas/workspaces/apache/ftpserver/core/src/java/org/apache/ftpserver/FtpSessionImpl.java
    Sending        C:/home/niklas/workspaces/apache/ftpserver/core/src/java/org/apache/ftpserver/listener/ConnectionManager.java
    Sending        C:/home/niklas/workspaces/apache/ftpserver/core/src/java/org/apache/ftpserver/listener/ConnectionManagerImpl.java
    Sending        C:/home/niklas/workspaces/apache/ftpserver/distribution/res/conf/ftpd.properties
    Sending        C:/home/niklas/workspaces/apache/ftpserver/distribution/res/conf/ftpd.xml
    Sending        C:/home/niklas/workspaces/apache/ftpserver/ftplet-api/src/java/org/apache/ftpserver/ftplet/FtpSession.java
    Transmitting file data ...
    Committed revision 550034.

> Configurable delay after a failed login attempt
> -----------------------------------------------
>
>                 Key: FTPSERVER-99
>                 URL: https://issues.apache.org/jira/browse/FTPSERVER-99
>             Project: FtpServer
>          Issue Type: Improvement
>    Affects Versions: 1.0-M1
>            Reporter: Niklas Gustavsson
>            Assignee: Niklas Gustavsson
>             Fix For: 1.0-M2
>
>
> After a failed login attempt, the server should delay the session for a short while to make brute force attacks harder. 

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.