FTP Brute Force Attack?


#1

Just got an e-mail bounce in my mailbox containing an attachment mentioning something called FTP Quick Brute, and containing several FTP logins. Anyone else see anything like this? Reporting it to DH now.


#2

You might be interested to know that DreamHost has some mechanisms in place to help prevent such things from being successful.

For instance, after “n” failed attempts to log on, DreamHost automatically “locks down” the account for “n” minutes and prevents any log in at all for that period of time. :slight_smile:

–rlparker
–DreamHost Tech Support


#3

I had assumed that they had something like that, however if the information I have is accurate, this script attempted over 1,000 logins (1 per second) and succeeded in gathering a few usernames/passwords.

I submitted a support ticket with the relevant information, it looks like whoever did this used a type of PHP exploit.