Results 1 to 9 of 9
  1. #1
    Comfortably Numb John Powell's Avatar
    Join Date
    October 17th, 2005
    Location
    Bayou Country, LA
    Posts
    3,432
    My Server Under Attack - Brute Force
    I got locked out of my VPS for a short while and the reason was that there had just been a brute force attack on the server. WHM suggested changing the username but I don't think you can. I just see the option for a new password. I'm checking with support and will find out.

    Just posting this so that everybody will make sure to have one of those funky hard to remember passwords that's rated secure. I probably wouldn't have known about the attack if I hadn't tried to get in during the lock down timeout.


  2. #2
    Speechless OTProf's Avatar
    Join Date
    November 4th, 2006
    Location
    Sunny SoCal
    Posts
    832
    Yikes -- I hope nothing was compromised on your site info/etc.

  3. #3
    What's the word? Rhia7's Avatar
    Join Date
    January 13th, 2006
    Posts
    9,578
    Quote Originally Posted by John Powell
    Just posting this so that everybody will make sure to have one of those funky hard to remember passwords that's rated secure.
    I'm sorry that you had/are having this problem. I hope that any damage (if any) is minimal.

    Would a "funky hard to remember password" make a difference if a key logger was involved?
    ~Rhia7 -- Remember the 7
    Twitter me

  4. #4
    ABW Ambassador Joshua's Avatar
    Join Date
    August 17th, 2006
    Posts
    854
    Was this an attempt at someone getting into root access on the server through SSH? If so, changing your SSH port will stop all of those attempts and noticed - I can't remember any instanced of an attacker trying to brute force my server through the web CPanel login box...

  5. #5
    ABW Ambassador ladidah's Avatar
    Join Date
    October 15th, 2007
    Location
    MA
    Posts
    1,888
    Sorry to hear that this is happening.

    Not sure what is going on - too techy for my knowledge but hope it is fixed.

  6. #6
    Comfortably Numb John Powell's Avatar
    Join Date
    October 17th, 2005
    Location
    Bayou Country, LA
    Posts
    3,432
    While it looked threatening, support says:
    I would suggest that you actually retain your current username and password credentials as this was just a general warning message.
    So it appears not to be that bad. I'm still glad my password is a tough one. They didn't actually get in, but where only trying.


  7. #7
    Moderator MichaelColey's Avatar
    Join Date
    January 18th, 2005
    Location
    Mansfield, TX
    Posts
    16,232
    If the user id you use there is common enough (like "johnp" or "jpowell"), it could have been another customer who registers with that login but had to choose a different one when he/she registered.
    Michael Coley
    Amazing-Bargains.com
     Affiliate Tips | Merchant Best Practices | Affiliate Friendly? | Couponing | CPA Networks? | ABW Tips | Activating Affiliates
    "Education is the most powerful weapon which you can use to change the world." Nelson Mandela

  8. #8
    Moderator leeann's Avatar
    Join Date
    January 18th, 2005
    Posts
    2,955
    Quote Originally Posted by John Powell
    They didn't actually get in, but where only trying.
    I'm glad you came out okay!
    leeann


    Shoppers determine what has value and they like coupons. Stop manipulating who set the cookie just because you do not like coupon and promotional sites.

  9. #9
    Newbie DressesByDaisy's Avatar
    Join Date
    February 10th, 2009
    Posts
    49
    Do your cron jobs need to escalate their privileges or login to the server?

  10. Newsletter Signup

+ Reply to Thread

Similar Threads

  1. Twitter Brute [Spam]
    By AliceWonderland in forum Marketing Resources & Power Tools
    Replies: 11
    Last Post: November 8th, 2009, 10:52 PM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •