While testing with the new release of Hydra against my own FTP server from FileZilla, I recognized that the autoban feature from FileZilla does not work for IPv6 connections. If there are multiple failed login attempts from an IPv4 address, FileZilla Server correctly blocks that IP. That is: Hydra stops testing passwords since it is not able to connect to the server anymore. However, when using IPv6, the FileZilla server generates the same error message (“421 Temporarily banned for too many failed login attempts”), but new connections from the same IPv6 address are still possible.
Here are my test results: