FTP-Proxy: General Settings
In the FTP-Proxy General Settings, you can set basic FTP parameters.
- In the FTP Proxy Action Configuration, select General.
FTP-Proxy Proxy Action general settings in Policy Manager
- To set limits for FTP parameters, select the applicable check boxes. These settings help to protect your network from buffer overflow attacks.
Set the maximum user name length to
Sets a maximum length for user names on FTP sites.
Set the maximum password length to
Sets a maximum length for passwords used to log in to FTP sites.
Set the maximum file name length to
Sets the maximum file name length for files to upload or download to FTP sites.
Set the maximum command line length to
Sets the maximum length for command lines used on FTP sites.
Set the maximum number of failed logins per connection to
Allows you to limit the number of failed connection requests to your FTP site. This can protect your site against brute force attacks.
Set the maximum time period for failed logins
Allows you to set the time interval allowed (in seconds) for the maximum number of failed login attempts to your FTP site.
- In the text box for each setting, type or select the limit for the selected parameter.
- For each setting, select or clear the Auto-block check box.
If a user tries to connect to an FTP site and exceeds a limit that you have selected to auto-block, the computer that sent the commands is added to the temporary Blocked Sites List.
- To create a log message for each transaction, select the Enable logging for reports check box.
You must select this option to get detailed information on FTP traffic.
To specify the diagnostic log level for all proxy polices that use this proxy action, select the Override the diagnostic log level for proxy policies that use this proxy action check box.
From the Diagnostic log level for this proxy action drop-down list, select a log level:
The log level you select overrides the diagnostic log level that is configured for all log messages of this proxy policy type.
For more information about the diagnostic log level, see Set the Diagnostic Log Level.
- To change settings for other categories in this proxy, see the topic for the next category you want to modify.
- Save your settings.
If you modified a predefined proxy action, when you save the changes you are prompted to clone (copy) your settings to a new action.
For more information on predefined proxy actions, see About Proxy Actions.
To see IP addresses that are blocked when the limits you set on FTP parameters have been exceeded, you can review your log messages, or you can connect to your device with Firebox System Manager and view the Blocked Sites list and Traffic Monitor. From there you can see which IP addresses were blocked and why, and unblock the sites as appropriate. For more information about the Blocked Sites list and Traffic Monitor, see Manage the Blocked Sites List (Blocked Sites) and Blocked Sites and Traffic Monitor.