New csf v5.03

Changes:

  • Added new option LF_DISTATTACK_UNIQ so that you can specify how many unique IP addresses are required to trigger LF_DISTATTACK
  • Added new options LF_DISTFTP, LF_DISTFTP_UNIQ and LF_DISTFTP_PERM. This option will keep track of successful FTP logins. If the number of successful logins to an individual account is at least LF_DISTFTP in LF_INTERVAL from at least LF_DISTFTP_UNIQ IP addresses, then all of the IP addresses will be blocked. This option can help mitigate the common FTP account compromise attacks that use a distributed network of zombies to deface websites
  • Changed DA default configuration of FTPD_LOG to “/var/log/secure”