Improve FTP Security With Automated IP Blocking (Anti-Hammering)

Use FTP ban time regulations to help prevent brute force breaches without disruption

Fully functional for 14 days

Limit failed login attempts to obstruct unauthorized access

SolarWinds^® Serv-U^® Managed File Transfer (Serv-U MFT) grants administrative control over how many login attempts users have before they’re locked out, as well as the duration of the block. With FTP brute force attacks a constant threat, server anti-hammering helps single out illegitimate IP addresses for better visibility and peace of mind regarding your IT landscape. Help keep your data safe by protecting your most vulnerable contact point.

Download Free Trial Email Link to Trial

Fully functional for 14 days

Learn More

Hide server information from SSH-authenticated users

Not everyone needs to know all the details behind your operational and informational landscape. Serv-U allows administrators to hide sensitive server information from verified users to mitigate the risk of internal rogue attacks. Better safeguard confidential data by entrusting it to a handful of high-privilege administrators.

Download Free Trial Email Link to Trial

Fully functional for 14 days

Learn More

Configure access rules for specialized verification

The Serv-U interface provides scalable IP address configurations from the user level up to the server level. By tweaking “Allow” and “Deny” rules, you can directly whitelist a list of IP addresses that are pre-approved, and blacklist unsolicited users that could pose a threat. For example, you can restrict access by locational range and ban certain devices. Serv-U makes FTP transfers seamless with bulletproof FTP ban time regulations that are customizable to your unique needs.

Download Free Trial Email Link to Trial

Fully functional for 14 days

Learn More

Get More on FTP Security

Do you find yourself asking…

What is the basic mechanism of FTP and how does it transfer files securely?
What are FTP security risks and how do I mitigate them?
What is IP blocking (anti-hammering)?
What types of brute force attacks are there?
What are the limitations of using FTP?
How can Serv-U protect you from attacks?
How does the anti-hammering feature work in Serv-U MFT?

FTP, or File Transfer Protocol, is a standard network protocol used for transferring files over the internet. It's a client-server protocol, meaning that one device (the client) initiates a connection to another device (the server) to request or send files. Here's a high-level overview of how it works:

The client (usually an FTP client software) establishes a connection to the server using a control channel, typically on port 21.
The client sends a login request to the server, which includes the username and password. If the login is successful, the server sends a welcome message, and the client can now send commands to the server to list directories, upload or download files, and more.
When a file transfer is initiated, the client and server establish a separate data connection, usually on a random port, to transfer the file.

Now, let's talk about security in FTP. By default, FTP sends all data, including passwords and file contents, in plain text. This makes it a prime target for eavesdropping and man-in-the-middle attacks. To mitigate this risk, many FTP clients and servers support encryption protocols such as SSL/Transport Layer Security (TLS) or Secure File Transfer Protocol (SFTP). However, not all FTP clients and servers support these protocols, so it's essential to ensure that both ends of the connection are secure.

FTP, or File Transfer Protocol, is a standard network protocol used for transferring files over the internet. It's a client-server protocol, meaning that one device (the client) initiates a connection to another device (the server) to request or send files. Here's a high-level overview of how it works:
The client (usually an FTP client software) establishes a connection to the server using a control channel, typically on port 21.
The client sends a login request to the server, which includes the username and password. If the login is successful, the server sends a welcome message, and the client can now send commands to the server to list directories, upload or download files, and more.
When a file transfer is initiated, the client and server establish a separate data connection, usually on a random port, to transfer the file.
Now, let's talk about security in FTP. By default, FTP sends all data, including passwords and file contents, in plain text. This makes it a prime target for eavesdropping and man-in-the-middle attacks. To mitigate this risk, many FTP clients and servers support encryption protocols such as SSL/Transport Layer Security (TLS) or Secure File Transfer Protocol (SFTP). However, not all FTP clients and servers support these protocols, so it's essential to ensure that both ends of the connection are secure.
FTP security risks are a significant concern for any organization using this protocol to transfer sensitive data. Some of the most common security risks associated with FTP include:
Eavesdropping: Attackers can easily intercept and read sensitive information, as FTP sends all data in plain text
Brute force attacks: Attackers can use automated tools to guess weak passwords, potentially leading to unauthorized access to the server
IP blocking: Attackers can use IP spoofing techniques to masquerade as a legitimate client and gain access to the server
To mitigate these risks, here are some best practices to follow:
Implement encryption: Use encryption protocols such as SSL/TLS or SFTP to encrypt all data transferred between the client and server
Restrict usage to internal networks: Allow FTP access only from trusted internal networks or VPNs
Assess data sensitivity: Classify sensitive data and restrict access based on user roles and permissions
Use strong passwords: Enforce strong password policies and consider using two-factor or multi-factor authentication to add an extra layer of security
Monitor FTP activity: Regularly review FTP activity logs to detect and respond to any suspicious behavior
Brute force attacks come in multiple forms, and many rely on automation to speed up the process. At any given time, an organization may be exposed to:
Simple brute force attacks, where hackers manually guess and input possible usernames, passwords, or PINs
Credential stuffing, which involves using stolen credentials to log into several possible accounts
Dictionary attacks, which harness word combinations and stylizations to guess a valid password
Hybrid brute force attacks, which leverage both simple and dictionary tactics to generate possible alphanumeric credentials
Reverse brute force attacks, where hackers use known passwords to figure out corresponding usernames and other identity credentials
Password spraying, where cybercriminals use the same password across multiple accounts to avoid anti-hammering ban time regulations
Despite its security concerns, FTP is widely used in many organizations, especially in these scenarios:
Efficiency is key: FTP is a simple and lightweight protocol capable of transferring large files quickly, making it a good choice for high-bandwidth applications
Legacy systems: FTP is still relied on by many older systems and applications for file transfers, making it a necessary solution
Specific internal use cases: FTP may be used for specific internal use cases, such as transferring files between trusted systems or applications
However, it's essential to weigh these benefits against the security risks associated with FTP. In many cases, it's better to use more secure protocols, such as SFTP, Secure Copy Protocol, or managed file transfer (MFT). These offer end-to-end encryption, authentication, and access controls, making them a more secure choice for transferring sensitive data.
When to use MFT instead of FTP
If you're transferring sensitive data—especially outside of your organization's network—or if you need to comply with regulatory requirements, such as PCI-DSS, HIPAA, or GDPR, it's recommended to use MFT instead of FTP. MFT provides a more secure and auditable way to transfer files, with features such as encryption, access controls, and activity logging.
Serv-U comes in two editions that support standard FTP and MFT. FTP is a legacy protocol for transferring files over networks, but it’s been slowly phased out in favor of more secure alternatives, such as SFTP and MFT. Serv-U provides built-in protection against FTP brute force login attempts through a suite of tools admins can leverage to control, monitor, and audit suspicious login activity.
MFT is built to offer more scalability, flexibility, and visibility into file transfer processes, which is critical as organizations embrace hybrid or remote workspaces relying on interconnected wireless devices. Serv-U works well with HTTP, FTPS, HTTPS, IPV4, and IPV6, ensuring compatibility with novel and legacy IT systems.
For instance, you can set block duration time limits and a maximum number of incorrect entries to automatically disqualify users with invalid credentials, also known as anti-hammering protection, on an FTP server. There is also an option to match peer IP addresses to reduce FTP bounce attacks caused by breaches in transfer ports by malicious outside actors.
Additionally, IP access rules and domain logging are available for quick, reliable surveillance of network activity and user behavior, so you can put out small fires before they spread to your entire organization.
However, a single IT solution offering anti-hammering protection on an FTP server is not a one-size-fits-all remedy for looming threats, especially when it comes to credential management and protection. Along with Serv-U and the variety of features it houses, it’s strongly recommended that organizations implement these best practices for end-to-end online identity and data protection:
Universal cybersecurity training and daily adherence to internal policies
Strong password generation regulations
Concrete emergency protocols for breach mitigation
Proper credential rotation and disposal to prevent floating passwords and keys
Dependable 24/7 IT support for troubleshooting
To best block brute force attacks using anti-hammering in SolarWinds^® Serv-U^® Managed File Transfer, follow these steps:
Select a password strength requirement by going to Limits & Settings > Limits > Passwords > Require Complex Passwords
Input your desired minimum password length by navigating to Minimum Password Length under the Passwords menu
Choose Automatically Expire Password under the same Passwords menu to prompt users to regularly generate new passwords and retire obsolete ones
Go to Server Limits & Settings > Settings and click on Anti-Hammering to launch this feature
Note: Regularly review user lists to update permissions and limit access to privileged files for better visibility and easier management.

Bulletproof FTP ban time regulations for optimal protection

Serv-U Managed File Transfer Server

Brute force login protection
Server data confidentiality management
Flexible access rule configuration

Download Free Trial Email Link to Trial

Fully functional for 14 days

Learn More

Let's talk it over.

Contact our team. Anytime.