System Administration
cancel
Showing results for 
Search instead for 
Did you mean: 

Unsuccessful Login Tries excluding ftp attempts

Rita Li
Frequent Advisor

Unsuccessful Login Tries excluding ftp attempts

We just changed our server to a trusted system

Per audit's request, we set max 3 unsuccessful Unix login attempts allowed only

ie. From sam > Auditing and Security > System Security Policies > General Use Account Policies > Unsuccessful Login Tries Allowed: 3

But we are using an FTP application named as "FTP Surfer" by Whisper Technology with the default option of Retry connection = 10 times

Now for any user does a FTP login but with the password entered incorrectly, the system automatically retries the same password 10 times for him. ie. the Max 3 bad login attempts easily got violateded just for 1 bad ftp login

Q: is there any way to have Unix only to count bad telnet login & ignore any bad ftp login?
2 REPLIES
Steven E. Protter
Exalted Contributor

Re: Unsuccessful Login Tries excluding ftp attempts

Shalom,

A. Not with the standard ftp daemon. The inetd.conf daemon that controls all three types of logins controls logging for ann Internet service daemons.

If you replace wsftpd with another product, logging and daemon control could be configured differently.

Take a look at the /etc/inetd.conf file, there may be documentation, even a man page.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Rita Li
Frequent Advisor

Re: Unsuccessful Login Tries excluding ftp attempts

I solved the problem, thanks