Date: Sat, 11 Dec 2010 10:35:24 +0700 From: Thomas Wahyudi <thomas@sanbe-farma.com> To: freebsd-questions@freebsd.org Subject: Re: Runaway ProFTP? Message-ID: <4D02F17C.3090606@sanbe-farma.com> In-Reply-To: <4D029FF2.9020305@nrdx.com> References: <1560F156-B3C8-4986-980C-8B6175C49683@d3photography.com> <740D0EA5-1F2A-486C-B231-11F25BB3AC59@cwis.biz> <4D029FF2.9020305@nrdx.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 11/12/2010 4:47, Jerry Bell wrote: > I have been having this happen a few times per week for the past few > weeks. I believe it is caused by someone attacking proftpd. I > noticed today that there is an updated version - 1.3.3c that fixes a > vulnerability that they may have been trying to exploit. > > When I looked at the process list, I would see around 20 proftpd's, > each with a high amount of CPU used, and connected to a specific IP. > I'd firewall off those IPs and kill off proftpd/restart. Knock on > wood, I have not had that happen since upgrading to 1.3.3c, but that > may just be because no one has tried again yet. > > Jerry yeap, thats correct according to proftpd website news, I upgrade using latest port but still get attacking, I change to pure-ftpd then everything fine -- Thanks& Regards, Thomas Wahyudi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4D02F17C.3090606>