Imperva Cyber Community

 View Only
  • 1.  Brute Force Attack via FTP

    Posted 10 days ago
    do you know of a way someone could keep a session open with an FTP while brute forcing it?


    Steve Murray
    Security Engineer, TVM, Appsec, WAF
    Nashville TN

  • 2.  RE: Brute Force Attack via FTP

    Posted 9 days ago

    Hey Steve,

    Thanks for posting. I checked in with our team and this was their response...

    The WAF will detect suspicious activity over http/https (80/443)
    There are many cases where the attacker/user can send FTP(20/21) over HTTP, in that case, the WAF will flag brute force activity. Imperva WAF also protects against manual brute force attacks. When a user makes repeated attempts to access a system, or successively attempts different credentials following a pattern, Imperva will detect this anomalous activity, block the user and alert security staff.

    We can also create an Incaprule for bruteforcing.

    I hope this helps. Let me know if you have any more questions.

    Sarah Lamont
    Digital Community Manager