FTP Authorization Failure time limits

From: msiddhartha@netcom-sys.com
Date: Fri Sep 28 2007 - 07:14:41 EDT

Next message: mzfaour@hotmail.com: "Password Revealer for Pocket PC??"
Previous message: xxradar: "RE: Are Fragmentation Attacks Still Used for IDS/IPS Evasion?"
Next in thread: Jason Barbier: "Re: FTP Authorization Failure time limits"
Reply: Jason Barbier: "Re: FTP Authorization Failure time limits"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

('binary' encoding is not supported, stored as-is) Hi,
When an FTP authorization fails thrice continuously, an error called 530: User not logged in (Your password is being rejected) triggers an alarm in some Enterprise SIM solutions.

Can somebody please explain whether there is a time frame for the illegitimate login attempts after which the alarm fires?
To elaborate the query, how much time space is allotted after every individual invalid login attempt for an attacker using Brute force by the FTP server?

Thanks in advance

Cheers!

------------------------------------------------------------------------
This list is sponsored by: Cenzic

Need to secure your web apps NOW?
Cenzic finds more, "real" vulnerabilities fast.
Click to try it, buy it or download a solution FREE today!

http://www.cenzic.com/downloads
------------------------------------------------------------------------

Next message: mzfaour@hotmail.com: "Password Revealer for Pocket PC??"
Previous message: xxradar: "RE: Are Fragmentation Attacks Still Used for IDS/IPS Evasion?"
Next in thread: Jason Barbier: "Re: FTP Authorization Failure time limits"
Reply: Jason Barbier: "Re: FTP Authorization Failure time limits"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:58:08 EDT