policy/protocols/ftp/detect-bruteforcing.zeek¶
-
FTP
¶
FTP brute-forcing detector, triggering when too many rejected usernames or failed passwords have occurred from a single address.
- Namespace
FTP
- Imports
base/frameworks/sumstats, base/protocols/ftp, base/utils/time.zeek
Summary¶
Redefinable Options¶
The time period in which the threshold needs to be crossed before being reset. |
|
How many rejected usernames or passwords are required before being considered to be bruteforcing. |
Redefinitions¶
|
Detailed Interface¶
Redefinable Options¶
- FTP::bruteforce_measurement_interval¶
-
The time period in which the threshold needs to be crossed before being reset.
- FTP::bruteforce_threshold¶
-
How many rejected usernames or passwords are required before being considered to be bruteforcing.