Hi,

I have an FTP Server setup via IIS, and recently I have had some attempts by a bot of some sort to login to the server. I checked the ftp logs and I have the IP address of the hacker. I'm currently using Endian firewall community edition. I'm not sure if anyone is familiar with that, but I would like to figure out a way to deny this person's IP, so they can't access the server at all. They are running some type of login bot. Endian firewall has lots of features but I can't seem to find out how to deny an ip address altogether. I could put the ftp server in a dmz, but that wouldn't stop this bot from trying to login. I need to block his ip before he even gets to ftp access. Any help is appreciated.

Hello.

I'm afraid I'm not at all familiar with Endian, though I know it's a Linux opensource program. Not sure if this would help, but here you go:
Fultus Technical Documentation and Professional Literature eLibrary

Let us know how it goes.

__________________
< Prework | PCHF Rules | ParasiteDB - Database on Spyware, Adware, Trojans and more!>