This is for members who have a web hosting accounts. My server informs me whenever theirs been an attempt to access root. I get about 8 emails a day of random ips (mostly in china) trying to gain access. Is this typical?
Hacking attempts on server
- Thread starter tonygeor
- Start date
- Oct 10, 1999
- 31,298
- 12,818
- 136
the proper place to post this would be in the Security forum. You will get better responses than OT.
Gooberlx2
Lifer
- May 4, 2001
- 15,381
- 6
- 91
Platypus
Lifer
- Apr 26, 2001
- 31,046
- 321
- 136
ViviTheMage
Lifer
Lean L
Diamond Member
- Apr 30, 2009
- 3,685
- 0
- 0
Lol that's very typical. When I ran FTP on my server I had thousands of hack attempts. Most were brute force things with default passwords and user names. I ended up setting up autobans when there were more then 5 attempts from the same ip and I still had hundreds of new ips lol... All this was just for a private server hosted from a residential line lol. Now I just use apache with no online config options for anything and no dynamic scripting lol. Do everything over VPN for security.
Right now the firewall seems to be doing a descent job from what i can tell. Once the Ip tries to login 5 times it is permanently blocked. Also if anyone ever gains root I get an email. I just think its pretty messed up that theirs all these groups scouring the internet just to find an open door.
ViviTheMage
Lifer
rudeguy
Lifer
- Dec 27, 2001
- 47,351
- 14
- 61
I taught lil rudeguy how to ban Canada on his server. I've never seen him so happy.
Lean L
Diamond Member
- Apr 30, 2009
- 3,685
- 0
- 0
Set up VPN if you can. take the server out of the dmz and only forward the ports you need to access http/https/whatever the fuck else. Open SSH is a disaster imvao.
Last edited:
ViviTheMage
Lifer
It's been a busy 3 years for me. Joined the Army, went to iraq, came back from the sand pit, now getting out
ViviTheMage
Lifer
It's been a busy 3 years for me. Joined the Army, went to iraq, came back from the sand pit, now getting out
Thanks :thumbsup:
ViviTheMage
Lifer
In and out in a year? Or are you still "in" just not deployed? Did you do anything tech related while in?
I wouldn't do #1. Security by obscurity is a bad habit to get into, in my opinion.
#2 sounds good.... /etc/ssh/sshd_config, PermitRootLogins No
#3 works well, but it could get annoying for you, especially if you login from different machines a lot.
#4 is the best choice, in my opinion. There's an easier way to do it with iptables (Linux) or pf (FreeBSD) that makes fail2ban not needed... I can post the one line ruleset if you'd like.
#5 is good, too.
I joined in 2007, signed up for 4 years...deployed in 2009 as a Military Intelligence Analyst (same job as that Manning dumbass). Came back after a year and now I'll be getting out in 2 months...w00t!
ViviTheMage
Lifer
Lay it on me, thought I think the firewall has been doing a good job. It's always good to learn something new
Lay it on me, thought I think the firewall has been doing a good job. It's always good to learn something new
What OS? What distro?
I already have a BS in computer science. I'm trying to start my own business so we'll see how my website and app work out.
I know its a linux box using cpanel vps...my hosting provider is Servint (they've been awesome)
TRENDING THREADS
-
Discussion Zen 5 Speculation (EPYC Turin and Strix Point/Granite Ridge - Ryzen 9000)- Started by DisEnchantment
- Replies: 25K
-
Discussion Intel Meteor, Arrow, Lunar & Panther Lakes + WCL Discussion Threads
- Started by Tigerick
- Replies: 23K
-
Discussion Intel current and future Lakes & Rapids thread- Started by TheF34RChannel
- Replies: 23K
-
-
News NVIDIA and Intel to Develop AI Infrastructure and Personal Computing Products- Started by poke01
- Replies: 411
Facebook
Twitter