Webmaster Forum

Go Back   Webmaster Forum > Web Development > Web Hosting Forum > Dedicated Servers

Dedicated Servers Dedicated server help.


Reply
 
LinkBack Thread Tools Display Modes
Old 01-06-2005, 06:47 AM   #1 (permalink)
Contributing Member
 
MrMean's Avatar
 
Join Date: 07-03-04
Location: Yorkshire, England
Posts: 231
iTrader: 0 / 0%
MrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really nice
Send a message via MSN to MrMean Send a message via Skype™ to MrMean
Exclamation Being Attacked!

Hello, I am running a Cpanel server and get my daily reports (which orginally were ignored) so I decided to look at one which had 27 incorrect attempts of logging in via ssh. Every day is got a little higher, anyhow I got my email today which said 857 which is concerning. I was wondering what my options are to slow the attack down? I'm fairly good with linux, and know my box is relatively secure. I would just like to be able to sleep knowing it probably won't happen
__________________
Cheers,
Anthony Shapley
MrMean is offline  
Add Post to del.icio.us
Reply With Quote
Old 01-06-2005, 12:48 PM   #2 (permalink)
Senior Member
 
fishfreek's Avatar
 
Join Date: 10-13-03
Location: Virginia
Posts: 844
iTrader: 0 / 0%
Latest Blog:
None

fishfreek is a glorious beacon of lightfishfreek is a glorious beacon of lightfishfreek is a glorious beacon of lightfishfreek is a glorious beacon of lightfishfreek is a glorious beacon of lightfishfreek is a glorious beacon of lightfishfreek is a glorious beacon of lightfishfreek is a glorious beacon of lightfishfreek is a glorious beacon of lightfishfreek is a glorious beacon of lightfishfreek is a glorious beacon of light
Send a message via ICQ to fishfreek Send a message via AIM to fishfreek Send a message via MSN to fishfreek Send a message via Yahoo to fishfreek
Install a firewall that auto blocks IP's after X failed login attempts. Do a port inventory and make sure unused ports are blocked via the firewall.

Put attacking IP's in the /etc/hosts.deny file under the ALL: entry.

Join a mailing list like bugtraq so as your up to speed on the most recent exploits and patch/upgrade your software the instant a fix is available for discovered exploits.
fishfreek is offline  
Add Post to del.icio.us
Reply With Quote
Old 01-07-2005, 08:24 AM   #3 (permalink)
Contributing Member
 
MrMean's Avatar
 
Join Date: 07-03-04
Location: Yorkshire, England
Posts: 231
iTrader: 0 / 0%
MrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really niceMrMean is just really nice
Send a message via MSN to MrMean Send a message via Skype™ to MrMean
thanks for your quick reply
__________________
Cheers,
Anthony Shapley
MrMean is offline  
Add Post to del.icio.us
Reply With Quote
Old 01-13-2005, 10:23 AM   #4 (permalink)
Contributing Member
 
Join Date: 10-20-03
Location: United Kingdom, London
Posts: 1,029
iTrader: 0 / 0%
Latest Blog:
None

UKZJ007 is just really niceUKZJ007 is just really niceUKZJ007 is just really niceUKZJ007 is just really niceUKZJ007 is just really niceUKZJ007 is just really niceUKZJ007 is just really niceUKZJ007 is just really niceUKZJ007 is just really niceUKZJ007 is just really niceUKZJ007 is just really nice
Hey Fish ... does v7inc host account cpanels block ips after a failed amount of times?
__________________
My blog
UKZJ007 is offline  
Add Post to del.icio.us
Reply With Quote
Old 01-26-2005, 03:59 PM   #5 (permalink)
Senior Member
 
Join Date: 10-13-03
Location: Brooklyn Park, MN
Posts: 153
iTrader: 0 / 0%
Latest Blog:
None

server-admin is liked by many
Send a message via Yahoo to server-admin
Install this on your server

http://rfxnetworks.net/apf.php

or have them install their security package.

Make sure your /tmp directory is secure and chown wget for only the root user ... or better yet rename it to somthing like 328H65g2Edx to keep it from being used to hack your server.
server-admin is offline  
Add Post to del.icio.us
Reply With Quote
Old 01-26-2005, 05:37 PM   #6 (permalink)
Banned
 
Jonathan VanSchaack's Avatar
 
Join Date: 02-09-04
Location: New York
Posts: 583
iTrader: 0 / 0%
Latest Blog:
None

Jonathan VanSchaack is web crapJonathan VanSchaack is web crapJonathan VanSchaack is web crapJonathan VanSchaack is web crapJonathan VanSchaack is web crapJonathan VanSchaack is web crapJonathan VanSchaack is web crapJonathan VanSchaack is web crapJonathan VanSchaack is web crapJonathan VanSchaack is web crapJonathan VanSchaack is web crap
Send a message via ICQ to Jonathan VanSchaack Send a message via AIM to Jonathan VanSchaack Send a message via MSN to Jonathan VanSchaack Send a message via Yahoo to Jonathan VanSchaack
do not install APF, it effects every aspect of the server
Jonathan VanSchaack is offline  
Add Post to del.icio.us
Reply With Quote
Old 01-27-2005, 02:16 PM   #7 (permalink)
Senior Member
 
Join Date: 10-13-03
Location: Brooklyn Park, MN
Posts: 153
iTrader: 0 / 0%
Latest Blog:
None

server-admin is liked by many
Send a message via Yahoo to server-admin
thats kinda the point with a firewall, do you know of a better product ?
server-admin is offline  
Add Post to del.icio.us
Reply With Quote
Old 01-27-2005, 04:32 PM   #8 (permalink)
T0d
Super Moderator
 
T0d's Avatar
 
Join Date: 01-11-04
Location: Sacramento
Posts: 1,539
iTrader: 0 / 0%
T0d is a web professional of the highest orderT0d is a web professional of the highest orderT0d is a web professional of the highest orderT0d is a web professional of the highest orderT0d is a web professional of the highest orderT0d is a web professional of the highest orderT0d is a web professional of the highest orderT0d is a web professional of the highest orderT0d is a web professional of the highest orderT0d is a web professional of the highest orderT0d is a web professional of the highest order
I suggest APF, and most everyone else does too... I don't know why he would NOT suggest it.
__________________
Learn about Bear Grylls, Les Stroud, Man Vs. Wild & SurvivorMan at Survival TV Shows where Survival comes to life!
T0d is offline  
Add Post to del.icio.us
Reply With Quote
Go Back   Webmaster Forum > Web Development > Web Hosting Forum > Dedicated Servers

Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


Similar Threads
Thread Thread Starter Forum Replies Last Post
Your site is attacked what would you do? netsearch SEO Forum 84 05-03-2006 03:00 AM


Sponsor Links
Get exposure! Contextual Links V7N SEO Blog V7N Directory


All times are GMT -7. The time now is 12:52 PM.
© Copyright 2008 V7 Inc
Powered by vBulletin
Copyright © 2000-2009 Jelsoft Enterprises Limited.


Search Engine Optimization by vBSEO 3.3.0 ©2009, Crawlability, Inc.