I have a cPanel dedicated server and have a lot of spam attacks on this server. It's getting so bad that our IP is being added to Yahoo & AOL blacklists and my emails are bouncing to these accounts.
Is there anyone on here who can do a thorough check on our server and install anything necessary to stop this kind of activity?
My VPS provider just rebuilt my VPS after many hack attacks.
For some days I have been getting emails from the firewall saying that someone logged in to my VPS/MySQL using SSH.
I don't know what they do, but they don't disturb any account. There is only some downtime during this. But last night my VPS stopped working, so my provider rebuilt the VPS.
How can I secure my VPS now? I have cPanel installed.
A user joined our live chat and said that if we didn't cancel a domain on our server, he would send us a DDoS attack, and he did so, and did so again this morning.
Is there anything I can do to prevent this or possibly punish him?
Every time I use the Dovecot secure IMAP server with Sieve support, I cannot receive emails. Note: upgraded from 11.5 to 12.
Jun 18 08:03:36 CO6302 postfix/qmgr[1523]: 284FAA0E86: from=<my@gmail.com>, size=1943, nrcpt=1 (queue active)
Jun 18 08:03:36 CO6302 postfix-local[2036]: postfix-local: from=my@gmail.com, to=the@domain.com, dirname=/var/qmail/mailnames
Jun 18 08:03:36 CO6302 postfix/pipe[2035]: 284FAA0E86: to=<the@domain.com>, relay=plesk_virtual, delay=336, delays=335/0.01/0/0.19, dsn=4.3.0, status=deferred (temporary failure. Command output: lda: Error: user the@domain.com: Error reading configuration: Invalid settings: postmaster_address setting not given lda: Fatal: Internal error occurred. Refer to server log for more information. 4.2.1 Message can not be delivered at this time )
I have used the patch: [URL] .... to disable SSL v3.
After I applied the patch, I get the error below when I try to send email via Horde webmail:
There was an error sending your message: Could not open secure TLS connection to the server.
Roundcube can send mail fine, but Horde cannot. Also, since I applied the patch I can't get mail from Gmail and maybe other providers; I don't know yet.
For example it says calendar.pl is vulnerable and it was able to set a javascript alert as the variable calendar_view.
How can I fix this?
Vulnerability description
This script is possibly vulnerable to Cross Site Scripting (XSS) attacks.
Cross site scripting (also referred to as XSS) is a vulnerability that allows an attacker to send malicious code (usually in the form of JavaScript) to another user. The browser executes the script in the user's context, allowing the attacker to access any cookies or session tokens retained by the browser.
This vulnerability affects /cgi-bin/calendar.pl.
The impact of this vulnerability
Malicious users may inject JavaScript, VBScript, ActiveX, HTML or Flash into a vulnerable application.
Attack details
The POST variable calendar_view has been set to >"><ScRiPt%20%0a%0d>alert(398096611151)%3B</ScRiPt>.
Which protocol should I use for performing a backup of important server files and folders? I do make a snapshot, but I found that's not enough.
My CentOS 6.6 has the ProFTPD configuration set up only for webhosts, so no root access. I came across SCP, but don't know how to secure that like a pro. I have also heard about SSHFS for Linux.
I have a fresh server running CentOS 6 (final). I am trying to install Plesk 11.5.30 but I am experiencing some problems. When I run the plesk-installer I get this message:
Your host name must resolve to the correct IP address of your server, unless you are using network address translation (NAT).
Please quit Parallels Installer, fix the host name resolution problem, and then try installing again.
You can skip the hostname check and continue the installation, however, in such a case, the installer cannot guarantee successful installation.
I have a brand new A8i server from 1&1 that has crashed twice today and could only be rebooted through the 1&1 control panel (not Plesk). Out of the blue the server is not accessible from the Plesk CP and is not responding to pings. I have looked through the logs and do not see anything that stands out (I am not very Linux savvy). Is there somewhere specific that I can look that would tell me why it is locking up/crashing? I have only had the server about 2 weeks and am only running email on it (no websites besides webmail and Plesk CP). It is possible that there is a hardware issue, but I cannot have 1&1 check it until after hours tonight.
Server is an 8 core Intel Atom 2.6GHz with 8GB RAM.
Multiple security vulnerabilities were discovered in hyperVM and Lxadmin/Kloxo. It is recommended that you update your hyperVM/Kloxo systems to the latest version, as soon as possible.
Details of the vulnerabilities will be posted in the coming days in our forum.
There are some game types out there that are not protected from any type of UDP flood attack. I have been doing a lot of work (my servers are Linux) and blocked this by coding a bash script that runs every second, checks tcpdump for the number of current UDP connections, and blocks the IP which has more than a certain number of current UDP connections. This works perfectly, but it firewalls the IP AFTER the attack started.
I am really interested in blocking this attack fully: limiting the number of current connections (UDP) from an IP to a certain amount to block this attack totally. I have been looking around a lot and have had no luck. From what I have found, there is no way to do this with iptables or ipchains. It is possible for TCP though, but I could not find it for UDP. Could anyone help me out here?
Just to let you know, I do run a firewall, but it would never pick up this type of attack unless it was major. This is more like a game type bug (firewall thinks the packets are fine, player packets going to the game server).
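
The per-second counting approach described in the post above, sketched as an added example (not the poster's script): it tallies UDP packets per source IP per one-second bucket from `tcpdump -nn -tt udp` output and lists sources over a threshold. The capture lines, addresses, port 27015 and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in `tcpdump -nn -tt udp` output format.
# Addresses are documentation ranges; 27015 is a placeholder game port.
sample_capture() {
    cat <<'EOF'
1403078616.100000 IP 203.0.113.5.40000 > 192.0.2.10.27015: UDP, length 64
1403078616.200000 IP 203.0.113.5.40001 > 192.0.2.10.27015: UDP, length 64
1403078616.300000 IP 198.51.100.7.51000 > 192.0.2.10.27015: UDP, length 48
1403078616.400000 IP 203.0.113.5.40002 > 192.0.2.10.27015: UDP, length 64
1403078616.500000 IP 203.0.113.5.40003 > 192.0.2.10.27015: UDP, length 64
1403078616.600000 IP 198.51.100.7.51000 > 192.0.2.10.27015: UDP, length 48
1403078616.900000 IP 203.0.113.5.40004 > 192.0.2.10.27015: UDP, length 64
1403078617.100000 IP 198.51.100.7.51000 > 192.0.2.10.27015: UDP, length 48
EOF
}

# flag_udp_sources LIMIT
# Reads tcpdump lines on stdin and prints "source_ip peak_packets_per_second"
# for every IPv4 source whose busiest second exceeds LIMIT packets.
flag_udp_sources() {
    awk -v limit="$1" '
        $2 == "IP" && / UDP, / {
            sec = int($1)                 # one-second bucket from the epoch timestamp
            src = $3
            sub(/\.[0-9]+$/, "", src)     # drop the source port, keep the address
            n[sec SUBSEP src]++
        }
        END {
            for (k in n) {
                split(k, part, SUBSEP)
                ip = part[2]
                if (n[k] > limit && n[k] > peak[ip]) peak[ip] = n[k]
            }
            for (ip in peak) print ip, peak[ip]
        }' | sort
}

# Hypothetical threshold of 3 packets per second per source.
sample_capture | flag_udp_sources 3
```

This detection still runs after the packets have arrived. Per-source rate limiting inside the kernel is what the iptables `hashlimit` match with `--hashlimit-mode srcip` does, and it applies to UDP as well as TCP.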