Posts: 4
Joined: 10.Dec.2001
From: Ottawa, ON, CA
Status: offline
Hi:
I recently setup an FTP server and exposed it using a Server Publishing Rule. I was able to log in without any problems for a few days, but now whenever I log in (from any ip address), I get the following message:
530 Brute Force Attack, your IP has been looked, and futher access is not allowed.
If I disable, then re-enable the server rule, the FTP server works again.
Any thoughts about what this means and what I can do about it? What does "looked" mean?
I'm not aware of any documentation on this! I assume that the ISA Server initiated this response, but I don't see anywhere where you can control this behavior. Would be interesting to know which alert triggered this, because then you could trigger the Alert to restart the service.
Posts: 4
Joined: 10.Dec.2001
From: Ottawa, ON, CA
Status: offline
Hi:
I figured this one out... the message is actually being generated by the FTP server itself. I had thought this was the firewall initially.
Thanks for your insight. Keith
quote:Originally posted by tshinder: Hi Keith,
I'm not aware of any documentation on this! I assume that the ISA Server initiated this response, but I don't see anywhere where you can control this behavior. Would be interesting to know which alert triggered this, because then you could trigger the Alert to restart the service.