How Many Attack Attempts Do You Get To Your Server Per Day?
Aug 22, 2007
I went today to my apache error log, and noticed that those scum lowlifes hackers trying to hack my server every day for at least 100 times!!!
What a disaster!
Examples of urls they trying to use:
- http://usuarios.arnet.com.ar/larry123/safe.txt?
- http://uploaded.justfree.com/id.txt?
- http://nukedclx.info/php/base
Is there anything that can be done to prevent this mor*** from even trying to hack (except putting a bullet in his/their head)?
View 14 Replies
ADVERTISEMENT
Mar 12, 2008
I have been getting a lot of hacking attempts from this server:
server.softjin.com
They have offices in the U.S. as well as India, Japan, Singapore. I have reported them to [url]
and if you are in the U.S. and have proof of hacking attempts from this company, please post them here -
I am currently looking to compile a list of complaints so I can send another complaint report to ic3.gov
View 7 Replies
View Related
Jun 10, 2008
have found open servers and are trying to execute:
Site: MYSite (mydomain.com)
Error Code: 404 Missing URL ()
Occurred: Tue Jun 10 17:57:20 MDT 2008
Requested URL: //mypanel/clientarea.php?action=[url]
User Address: 67.15.183.164
User Agent: libwww-perl/5.805
Referer:
"Alartist" seems to be an Arabic site while the IP seems to be hosted by the Planet.
Anyone else seeing these?
View 5 Replies
View Related
Nov 5, 2009
It has been 1 week, i am getting following email every day from my server.
Code:
5 failed login attempts to account root (system) -- Large number of attempts from this IP: 173-45-230-205.slicehost.net
Everyday a login attempt comes from new/different ip address.
Should i install CSF?
View 7 Replies
View Related
Oct 13, 2007
Our VPS is being hit several times a day with hacking attempts. We have been actively monitoring error logs and can see the failed attempts. I was just wondering if there is a better way to track such attempts or another system log that wold provide additional info on these attacks? or maybe some 3rd party logging scripts?
View 13 Replies
View Related
Mar 16, 2008
How to best secure WP from any attacks, hack attempts and others?
View 4 Replies
View Related
Apr 1, 2015
It should be a straight forward change. [URL] .... does not redirect to [URL]...... It simply tries to load /denver-cars/ and denver-cars is in the URL. Am I missing something here? I have tried moving it up and down the list of rules and have tried numerous types of flags to no avail. Everything else in the htacess works fine with out the line:
RewriteRule ^/(.*)-cars/ /newcars-in-$1/ [NC,R=301,L]
Here is my htaccess:
Options +FollowSymlinks
RewriteEngine on
RewriteBase /
# Force www
# Redirect google index dir's to new dir
RewriteRule ^/(.*)-cars/ /newcars-in-$1/ [NC,R=301,L]
[code]....
View 1 Replies
View Related
Oct 16, 2014
Plesk 11.5.30 Update #47
When I look in a directory password protected by the Plesk Panel, I don't see an .htaccess file...
So, how does Plesk password protect directories?
And, is it possible to add functionality that would limit number of login attempts, and block an offending IP for a period of time?
View 2 Replies
View Related
Sep 28, 2014
Every time I log on plesk 11.09 I get an email from admin saying that due to maximum number of failed login attempts for admin, the account was blocked for 30 minutes.
First, I do not get failed login attempts, I log in every time.
Two, the account is not blocked, I can log in, out and back in as many times as I want without problem except that I get this email everytime.
View 3 Replies
View Related
Jul 2, 2009
My server is currently underattack, I have been able to keep it up but after I ban 500 IPs, I get a lot of different IPs again.
Any idea or suggestion to do mass-ban to those attacking IPs?
tcp 0 0 xxx.xx.xxx.xxx:80 190.87.128.59:3965 SYN_RECV
tcp 0 0 xxx.xx.xxx.xxx:80 82.115.52.10:2323 SYN_RECV
tcp 0 0 xxx.xx.xxx.xxx:80 90.148.137.56:21094 SYN_RECV
tcp 0 0 xxx.xx.xxx.xxx:80 189.237.35.155:57605 ...
View 14 Replies
View Related
Jul 4, 2006
Someone is trying to attack our server (I think so). When running apache status there are a LOT of connections from one network, all requesting the same page. But running: netstat -ntu | awk '{print $5}' | cut -d: -f1 | sort | uniq -c | sort -n does show any of these IP's. So script blocking ddos attacks wont work. Anyone know what can I do about this?
View 14 Replies
View Related
Nov 7, 2009
two of my website on the server was changed by the hackers.How did they do it?
View 7 Replies
View Related
Nov 3, 2009
i got botnet attack my web server...is there anything i can do to block thse attack? my host isnt help much?
View 4 Replies
View Related
Oct 22, 2009
how to protect an linux dedicated server from bot attack. Im using linux server with cPanel, using CSF firewall + DOS Deflate.
View 5 Replies
View Related
May 17, 2009
How can check server for dos/ddos/syn attack?
Because my server load is high, perfromance is low, but i dont have any high process.
View 5 Replies
View Related
Feb 2, 2008
is this DDOs attack : .....
View 5 Replies
View Related
Jan 31, 2008
I think I'm experiencing some type of alternative to a DDoS attack. My server is being killed by thousands of emails being sent to fake accounts on my server.
I'm not a server administrator, so please bear with me.
My load average is skyrocking to 800.xx at times. I look at "top" and see "exim" for one specific user on my server. I own all the websites on my server, by the way.
When I look at my email queue, I see thousands of emails coming in to accounts that don't exist for that specific user. Let's say the domain name is salcollaziano.com. Somebody is sending spam to various salcollaziano.com aliases that don't exist. Like webmaster -at- salcollaziano.com and suzy -at- salcollaziano.com.
How can I prevent these spam emails from having any interaction with my server? It's causing me a lot of downtime on all the sites I have running on that particular server.
View 14 Replies
View Related
Nov 27, 2008
Not sure if it's a valid threat, but I would like to do the best I can to identify one as early as possible.
Can someone maybe give me an idea of what to look for? They were not specific on there type of attack, but I was hoping that there was maybe a log file I could tail and keep an eye out for irregularities.
View 10 Replies
View Related
Aug 8, 2007
my server got phisihing attack with bankamerica/paypal etc. i wounder because we have tight firewall/security etc. but any way this is teribel. i have found ip when look in to /var/log/messages -
its looks like (?@85.201.19.xxx). is it used anonymos ftp? i found same ip used to log in to another ftp host as well.
View 5 Replies
View Related
Nov 17, 2007
My server (Xeon 3.0Ghz) went down for no reason yesterday and ever since it was rebooted (and I've rebooted a couple of times since then), pages load extremely slowly or just timeout. Server load is constantly hovering around 1 and top stats indicate that the server's resources are not under heavy load, which is contrary to the usual pattern during peak times.
I've checked netstat and I notice a lot of SYN_RECV. Could this be a DoS attack? If so, what steps do I take to stop it?
View 1 Replies
View Related
Jun 18, 2008
my server is being ddosed and the network utilisation is at 40% of 1gpbs
i asked to softlayer to check and they said my programs/services is taking that much bandwidth
any1 can help me?
if my server is under dos attack wat can i do?
because the bandwidth used is about 50gb/hr
View 10 Replies
View Related
Jul 7, 2009
My server was hit with flood recently, to the point where I was unable to log in via SSH. Running 'netstat' command showed I was getting flooded with thousands of http requests from China/Saudi Arabia/Korea. I installed APF firewall and added those countries to deny list.
Next day I was hit from Russia and Romania and some others. By reading some posts on this site, on top of APF, I have also installed Dos Deflate. It was working for couple of hours, but then it stopped working. I could not even log in via SSH. My provider told me that APF was using all of the "conntrack" connections. I have increased conntrack connections to 130,000 (I have 4 Gigs of RAM on my server). Is that possible? (I have about 300 IP ranges in my APF deny list).
Next day, I was got hit by different attack: there was 11 Mbps of malicious traffic on average sent to my server. My provider put me behind firewall to mitigate against that kind of attack.
Currently, I am both behind the hardware firewall and I have APF and Dos Deflate running. However my server is not accessible.
When I request, I can log in for couple of minutes, but then I get kicked out.
View 9 Replies
View Related
Feb 16, 2008
I have been getting ddossed for the last month, my host has tried many things on my server that are commonly suggested around here, however we have over 40 000 connections hitting the server from this attack and it keeps rising.
I am on LiteSpeed.
I also have NetScreen 50 firewall which helped for a little while, however the server still keeps going down.
I am spending $420 a month on my hosting for my dedicated server
Now it is costing me an extra $400 a month to have Netscreen firewall running which is a waste of money as it can not effectively keep the server running and i'm not sure if I can even effectively afford that much money a month, however I might need to spend a little more if need to just get the server running finally.
basically I need some options as to what I can do. I would like to stay with my host, they have been good to me, however if my options are better suited to changing then let me know. I just really need to get my server running great asap and to keep it running great when i'm away from the internet.
View 7 Replies
View Related
Jun 25, 2008
today i have DDos Attack in my server in port :80
what is the better way to secure my server from DDos Attack
View 14 Replies
View Related
Feb 23, 2007
OS: Centos 4
Someone managed to get into my server and launched a DoS attack on someone else machine.
How do I find out the person who did this?
How do I find out how the person got in in the first place?
How do I make sure that it cannot happen again using the same method?
View 1 Replies
View Related
Jan 10, 2007
Today my system which is hosting the site bepenfriends got compramised(win 2k3) and now LT tech guys are working on it to reload the system with a data save. I was not having a hardware firewall which caused this problem. But i had windows firewall, windows malinious software removal tool (defender i haven't installed). I have updated all patches of win2k3 whch was released till today.
Now after restore it will be great work to bring my website back with all those rewritten urls and the softwares and its licenses.
Now please help me out in below stuff.
How to stop further attack and further compramisation of server.
View 9 Replies
View Related
Feb 19, 2007
My site is being attacked by what appears to be a dictionary attack on my mail account. They are sending e-mails to random accounts at my domain from random e-mail accounts from somewhere else. Each of their messages is coming from a unique e-mail address and a unique IP address.
Now, we have some dictionary ACL installed that basically blocks any IP address that is caught doing this. So we are blocking tons of IP addresses, but they keep coming at us with new ones. We also have it setup so that the mail is rejected right away for any accounts that aren’t actual e-mail accounts of yours. However, they are hitting the server so hard that it doesn’t seem to be making any difference.
View 17 Replies
View Related
Jan 6, 2009
I have a client who's server has got DDOS attack. It causes the network disruption and DC wants to turn off the server. My client feels it stupid to turn off the server just like that.
can large attacks prevented server side?
View 11 Replies
View Related
Jun 18, 2008
Ever since Monday morning, my site has had problems because the server at my host is under attack.
Most of Monday my site was down. Then Monday late afternoon, it came back...I thought. The forum is up and running, but the rest of the site, built on WordPress, is screwy.
Most of the plugins aren't working because of inability to connect with the database.
I can't log in to my cPanel at all and haven't been able to since Sunday.
This is the first time I've experienced anything like this, lasting this long.
It has me wondering if I should start considering a new host. I have loved their service, especially their speedy support (native English speaking to boot) so I hate to leave but I'm not sure if their service is going a little downhill or not.
View 8 Replies
View Related