Pure-FTPd

From Fail2ban
Jump to: navigation, search

Pure-FTPd is actively supported, and it was always designed with security in mind, and the code is always re-audited as new kind of vulnerabilities are discussed. The server can run with privilege separation for paranoid security. It can even run 100% non-root, with its built-in chroot() emulation and virtual accounts. Transmission of clear text passwords and commands can be avoided : Pure-FTPd has optional support for an SSL/TLS encryption layer using the OpenSSL library. All server messages are translated in English, German, Romanian, French, Polish, Spanish, Danish, Dutch, Italian, Brazilian Portuguese, Slovak, Korean, Swedish, Norwegian, Russian, Traditional Chinese, Simplified Chinese, Czech, Turkish, Hungarian and Catalan. It helps your customers understand diagnostics, even when english isn’t their native language. Messages are in independant files and they can be easily translated to new languages, or customized. Transparent conversion of client to filesystem charsets is implemented, with UTF-8 support. From official site.


Pure-FTPd version 1.0.26

Dec 5 06:59:22 localhost pure-ftpd: (?@192.0.2.226) [WARNING] Authentication failed for user [Admin]

Dec 5 06:59:22 localhost pure-ftpd: (?@192.0.2.220) [WARNING] Authentication failed for user [administrator]

failregex =  pure-ftpd: \(\?@<HOST>\) \[WARNING\] Authentication failed for user

Modify default regex:

__errmsg = (?:Authentication failed for user|Erreur d'authentification pour l'utilisateur)
failregex = pure-ftpd: \(\?@<HOST>\) \[WARNING\] %(__errmsg)s \[.+\]$

Test it:

host:/home/user# fail2ban-regex /var/log/pure-ftpd/pure-ftpd.log /etc/fail2ban/filter.d/pure-ftpd.conf
Personal tools