PhonicUK
commented
2 months ago The SFTP honeypot is just a setting? It can be disabled via ADS01s config. If this setting isn't behaving then that needs to be made more explicit:
Open IceOfWraith opened 5 months ago
PhonicUK
commented
2 months ago The SFTP honeypot is just a setting? It can be disabled via ADS01s config. If this setting isn't behaving then that needs to be made more explicit:
southnode
commented
2 months ago @PhonicUK Controller > Target will ban this across the entire target and controller stack, wherein the controller requires a restart to remove the honeypot ban
PhonicUK
commented
2 months ago The first part is by design since the controller is in charge of all auth, but I can change it so that disabling that setting clears the ban list.
southnode
commented
2 months ago Just something that does it because that's not documented anywhere.
Arc: Unable to un-honeypot SFTP via AMP WebUI (it bans across the entire target/stack, not just the instance specifically - controller restart required)