Thank you for the information, but what harm really it does banning 'historic' sftp as well... I don't see any bug in this.
On Sun, 05 Aug 2007, Paul Collins wrote: > Package: fail2ban > Version: 0.8.0-4 > The ssh and ssh-ddos sections in /etc/fail2ban/jail.conf have "port = > ssh,sftp". However, secure ftp runs over port 22 like regular ssh. > (Instead of starting an interactive session after authentication, the > sftp client requests the sftp module.) Port 115 is the Simple File > Transfer Protocol[1], which is marked by the IETF as "historic"[2]. > Please consider adjusting the default configuration to only specify > "port = ssh" for these sections. > [1] http://www.ietf.org/rfc/rfc913.txt > [2] ftp://ftp.isi.edu/in-notes/rfc-index.txt -- Yaroslav Halchenko Research Assistant, Psychology Department, Rutgers-Newark Student Ph.D. @ CS Dept. NJIT Office: (973) 353-5440x263 | FWD: 82823 | Fax: (973) 353-1171 101 Warren Str, Smith Hall, Rm 4-105, Newark NJ 07102 WWW: http://www.linkedin.com/in/yarik -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]