tech-userlevel archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: tnftpd no tcp wrappers on freebsd



In article <559A697E.9000603%nethence.com@localhost>,
pierre-philipp braun  <pbraun%nethence.com@localhost> wrote:
>Hi Luke, hi NetBSD tech-userlevel,
>
>I installed tnftpd as my favorite FTP daemon on a FreeBSD box but I 
>observed that I couldn't reject some dirty hackers trying to brute force 
>it, as it isn't linked against libwrap on that system.  I guess or I 
>hope it is TCP wrappers capable on NetBSD, but that feature seems to be 
>missing on FreeBSD which also has a specific /etc/hosts.allow mechanism.
>
>Compiling ot from the ports tree or getting the prepared binary brings 
>the same.  I also looked at ./configure --help output and didn't see 
>anything about tcp wrappers nor libwrap.
>
>Is there some way that I can keep my daemon up while still being able to 
>refuse specific IP or hostnames trying to brute force?

tnftpd on NetBSD has been changed to use blacklistd to mitigate DoS attacks.
If you want to add TCP wrappers support in addition to that, please go ahead
and we'll integrate the patches.

christos



Home | Main Index | Thread Index | Old Index