Log Watch
Mar 29, 2007
my log watch and see things like this each day and some days more, does this mean someones is trying to gain access to the server by hunting for the passwords?
Log Watch so I am just asking for some advice out there.
--------------------- SSHD Begin ------------------------
Failed logins from these:
apache/password from ::ffff:200.206.107.12: 2 Time(s)
ftp/password from ::ffff:200.206.107.12: 2 Time(s)
mysql/password from ::ffff:200.206.107.12: 2 Time(s)
root/password from ::ffff:200.206.107.12: 2 Time(s)
root/password from ::ffff:61.186.188.168: 260 Time(s)
Received disconnect:
11: Bye Bye
::ffff:200.206.107.12 : 33 Time(s)
::ffff:61.186.188.168 : 127 Time(s)
View 6 Replies
ADVERTISEMENT
Sep 16, 2008
I have had a vps for a while now and am no vps expert by any stretch. But I have learned that I cannot rely on support to monitor my box.
what are the important log files to watch and where they are?
View 2 Replies
View Related
Jul 19, 2008
I can't remember the name of the utility that lets you watch what a process is doing. You call it on a PID and you can see all the memory allocations, file IO, library loading, etc. that the process is doing as it happens. Anyone know what I'm thinking of?
View 2 Replies
View Related
Aug 17, 2009
I'm about to upgrade my co-locationed server from twin 2214 Opertons (dual core 2.2GHz) to
twin 2378 Opertons (quad core 2.4GHz). [Got to love the upgrade path on Opertons, single core to 6 core on the same socket.] I know I'll need to do a Bios upgrade but is there
anything else I should worry about. I want to minimize downtime as much as possible.
View 3 Replies
View Related
Mar 25, 2009
I am running CentOS 5.2 with cPanel on my server,
And i am wondering how can i let customers on virtual hosting watch their own CPU load for their account?
View 2 Replies
View Related
May 31, 2008
I had two server from LT for few years. I was happy with the server until 6 month ago. I got an email from LT and was told the price will be increased. I have not choice but paid what they asked. I got another email few days later, again LT increased price. I think it's fine if they increase the price. The problem I got is: LT increases the price but at same time LT still offer same package I had back to few years to their new customers. I called LT, they told me they can do nothing. Today I looked the offer carefully. Here's detail.
-------------------------------------
Dual-Processor Opteron 248$59/Month
RAM:2GB
Hard Drive(s):2 x 160GB SATA
Free upgrade to 2 x 250GB
Bandwidth:3300GB
IP Addresses:8 (5 Usable)
Notes:No Reseller Discount
Setup Fee:$999 setup
---------------------------------------
Ha, $59 not bad deal at all. But watch out, $999 setup fee. Think this, LT will increase your price two years later. Then monthly cost will be $59+$999/24=$100 OR if LT increase you price one year later, your cost will be $59+$999/12=$142. Just think twice before you order from LT.
View 4 Replies
View Related
Apr 19, 2007
I have recently removed my Servers from Moxie Hosting, and I think that if you are reading this you should know what this Commpany is all about..
When I signed up Last year for a year Contract, Sean Corbin, Stated to me that
they have own suite at an other location that the cage my equipment was in was tempuary, and that they would be opening a new suite, when I moved to 8th floor and was told that the that suite was their, which it was not,
Watch out for thier 100% up time, they have been having problems with power,
sence the moved and and till a week ago, they keep blaming the building, and that I would not get any recourse, because Sean Corbin has stated to me that it wasn't his fault and that not his problem,
They also stated that they have a tec on site 24/7, not true, they have an on line
tec that can remotely look at issues, but when I need to get access to my server when I need to fix a issue I had to wait for a tec to show up, and if is after hours its a longer wait because Sean Corbin has no tec on site, I have asked to worked on my server during days, he also staited that he dosn't go to suite during days, and he only works nights.
View 2 Replies
View Related
Nov 26, 2008
After reading numerous accounts (27 and counting) of people's domains being stolen I decided to investigate the situation more closely. What follows is my personal investigation.
Without jumping to any conclusions as to how all of these domains were hijacked, I gathered the facts and sat back to see where the common denominators were.
All of the domains had GMail accounts listed in whois.
Many of the domains were hosted with GoDaddy
Many of them had Alexa rankings of less than 10,000
While the GoDaddy connection was interesting, the fact that all of the hijacked domains had GMail accounts stood out as the real common thread.
It's still not clear how the hijacker was able to obtain access to the GMail accounts it is clear that using a GMail account for your domain registrations may not be a wise decision. We have seen infectious code on websites designed to either steal cookies or check to see if the visitor also has GMail opened in another window.
A few cases involved visiting a webpage while GMail was opened and the webpage doing a POST to a GMail interface and injecting an email filter into the visitor's GMail settings.
Typically the injection would include filters that would automatically skip the inbox and forward emails from register.com, godaddy.com and dreamhost.com to another GMail email account.
Then with forwarding set and knowledge of the registered email address, the hijacker would have use GoDaddy's website to obtain the customer number, which requires a verification email. Armed with that information, the hijacker would go back to GoDaddy and have an Authorization Code for password reset, sent to the registered email address.
The password would be sent to the email address, which would be forwarded to the hijacker and then they could move the domain to another registrar, change the website and benefit from the traffic to that website.
Or in some of these recent cases, the hijacker asked for $2,000 in order to "give" the domain back.
How did this happen?
Creating a filter in your GMail account sends a request to the GMail server farm. The request is an obfuscated URL with each section identifying the filter, the account, etc.
Many of the parameters passed in the URL can be generated accurately but one parameter needs the cookie from the account holder's computer. They can obtain this quite easily with any general cookie stealing technique (there are many).
What can you do?
For starters, this isn't the first exploit of GMail accounts. I would switch all of my domains to be registered to a different email address.
Secondly, I would pay the extra money to have your domain information listed as Private. This way your contact information will not show up on whois searches. GoDaddy offers Protected Registration if you're already listed with them.
Third, if you do use GMail, check your filters often. And check your deleted items as well. You never know what you might find in there.
Anyone here have any stories to share about domains hijacked?
View 10 Replies
View Related
Aug 12, 2007
I seemed to have acquired a taste for getting volunteered for things here lately and I'm stuck on a firebox x550e firewall,
This application needs to be used to protect 2 servers that are going to be used to server 1 website and hold all of its financial records,
My main problem in the initial configuration of it.
69.65.22.144/28
69.65.22.144 Network IP
69.65.22.145 Gateway
69.65.22.159 Broadcast
Is the /28 Vlan
Picture 1
Picture 2
Picture 3
Picture 4
View 5 Replies
View Related
Dec 26, 2008
what VPS server will I be able to hear music or watch a trailer or youtube?cause my does not have a soundcard on it.
View 14 Replies
View Related
Apr 28, 2009
Im working at time with ffserver ... i test ffmpeg with flash streaming and it works perfectly but i want to do anoter step.
Im trying to do a streaming of a file to watch that movie in Windows Media Player. The problem is that i have a lot of errors of "buffer underflow" when i stream the video.
I Post My Config:
Port 8090
BindAddress 0.0.0.0
MaxClients 1000
MaxBandwidth 10000
NoDaemon
<Feed feed1.ffm>
File /tmp/feed1.ffm
FileMaxSize 5M
</Feed>
<Stream test.flv>
Feed feed1.ffm
Format flv
VideoCodec flv
VideoFrameRate 15
VideoBufferSize 80000
VideoBitRate 200
VideoQMin 1
VideoQMax 5
VideoSize 352x288
PreRoll 10
</Stream>
<Stream test.asf>
Feed feed1.ffm
Format asf
VideoFrameRate 2
VideoSize 848x480
VideoBitRate 256
VideoBufferSize 40
VideoGopSize 30
AudioBitRate 96
StartSendOnKey
</Stream>
As you can see i listen in all the ip source so i can acess to the file but ... dont work ...
Many of messages of the error:
[flv @ 0xb7df29a8]rc buffer underflow
[flv @ 0xb7df29a8]rc buffer underflow
[flv @ 0xb7df29a8]rc buffer underflow
[flv @ 0xb7df29a8]rc buffer underflow
[flv @ 0xb7df29a8]rc buffer underflow
[flv @ 0xb7df29a8]rc buffer underflow
[flv @ 0xb7df29a8]rc buffer underflow
Line that i use:
ffmpeg -i /descargas/anime/Soul_Eater/RnF_Soul_Eater_42.avi http://127.0.0.1:8090/feed1.ffm
....
My OS is debian eth.
View 0 Replies
View Related
