Ddos And How Protect Our Domain From Reverse Spy
how can i protect my users from dns Spy
for example this link show all of users by ip:
[url]
i found that one of attacker.which ddos our users use this method.
he ddos for example domain1.com and after ban his ip. he do it on another user's domain.
View Complete Thread with Replies
Sponsored Links:
Related Forum Messages:
Reverse Proxy - Protect A Web Server
Background (so you know what I am planning) I will be storing personal customer information in mysql, so security is driving all my requirements. I was thinking the architecture will be :-a dedicated web server within a DMZ and placed behind a firewall and border router. a dedicated database server inside the internal network behind another firewall, All running Linux building out and management of the servers to be done by hosting provider or third party Please feel free to comment on this setup. QuestionsIs a reverse proxy a benefit for security. Am I right in saying that a reverse proxy hides the OS and server details from prying eyes and provides another layer of security if a reverse proxy server is a benefit, is it normally the default architecture at most reputable hosts.
View Replies!
View Related
Reverse Domain Name Server (DNS) ARPA For Domain On VPS
I have a vps with dedicated ip's for my domain names. I read that in order for mails coming from my server not be picked up as spam, i need to add reverse ip entries. Now i have already added the glue nameserver records on my godaddy control panel, ns1.mydomain.com -> 10.20.30.40 ns2.mydomain.com -> 10.20.30.41 But do i need to speak to the datacenter to add the reverse dns entries for my domain on their nameservers? What about if i host my nameservers offsite, but then have my webserver/mailserver etc inside the datacenter? Would i need to request the datacenter where the nameservers are hosted to add the reverse ip entries for the domain, and then the request the same from the datacenter for my web/mail servers to add the reverse entries? Is it really required?
View Replies!
View Related
Reverse Domain Name Server (DNS) Problems With My Provider. Why?
Maybe somebody here can shed light on this issue. I have a VPS that is hosted at the Colo4Dallas datacenter. I have purchased a block of 5 IP addresses, and then requested reverse dns zones be added for each IP. The original 2 IP addresses that came with it, adding reverse DNS zones were no problem, it was done within a day. For some reason though, these additional 5 IP addresses they are having a horrible time with getting the zones added. My host that I have the VPS through said they put the ticket in, and Colo4Dallas is saying they may not be able to add the reverse DNS entries for some reason. I could not get any technical detail yet though because they are still working on it. My question to everyone here is.... why? Granted I do not know *THAT* much about the datacenter-side of things, but it would seem to me that an IP is an IP, and if you could add the zones for the original 2 IP addresses, why is it not as easy with an additional 5? I *have* to have reverse dns entries for these IP's for email reasons for my customers that will be on these IP addresses. Can anyone shed some light on what the technical problem could possibly be?
View Replies!
View Related
DDoS The IP Address But Not Domain
I checked on /server-status and it has tons of ClientVHostRequest {serverip } defaultGET / HTTP/1.0 However, the default web page is blank. Now my site has been DDoSed for the last 3 days. Does this mean they are attacking the site from the IP, because I do see many genuine access to the correct Vhost but no body should access the site via the IP. Especially... why is the client, my on server ip that accesses?
View Replies!
View Related
How To Protect Port 80
someone attacking my VPS via port 80, which firewall u advice me to use on windows 2003 WEB edition ? Or anyone have smillar experiance and can tell me what to do? Btw my hosting company is LeaseWeb.
View Replies!
View Related
How Do I Protect My Website
This is probably a pretty complicated answer so please forgive me as I'm a newbie to making my own ecommerce website. What steps are needed to protect/prevent one's site from being hacked? I have domain privacy (on WhoIs) but I feel this isn't enough.
View Replies!
View Related
Way To Protect URLS
Are there any scripts out there that can protect URLs? For an example I am trying to protect a megaupload.com URL with a masking URL and making sure that the masking URL is only access by a referral site. Can this be done?
View Replies!
View Related
How To Protect Website
Last days my site was hacked to the main page has been added the "iframe" tag with path to the virus loading. I don't know how somebody could edit the original page and insert this code to the html body. This time I have updated this page from archive but I would be glad to know how to protect my site in future. Could somebody advice me fast and effective methods?
View Replies!
View Related
How To Protect Cpanel And Whm
what is the best way to protect whm and cpanel from unwanted login? If i change the port they still can sniff, is there away to put another layer to protect it or assigned specific ip to be able to login ? I'm on a dedicate server and only hosting for 1 site so there no customer that i should worry about. can i change /whm and /cpanel to something else just to hide it form novice users.
View Replies!
View Related
How To Pwd Protect Directories Without Cpanel
how to pwd protect directories with when using no control panel, I am planning to change the login details of the protected directories every few days as well as its top secret data, so I would like to know how to protect directories with pwd, I know how to do using control panel such as cPanel r Plesk but I am having no control panel at this interface I intend to share the files under this protected directories only to my team, so plz help me with codes if there are any its cent 0s5, apache handler
View Replies!
View Related
Mod_evasive Doesn't Protect From Apache DOS
We tried to use one software for offline browsing to download our site and test it if it will fail or not. We used 500 threads at once. Program was able to request 56 pages per second. Of course server (site) failed because there were no more available mysql connections. So site went down. Mod_evasive didn't block that. Here is the config: <IfModule mod_evasive20.c> DOSHashTableSize 3097 DOSPageCount 2 DOSSiteCount 80 DOSPageInterval 1 DOSSiteInterval 1 DOSBlockingPeriod 30 DOSLogDir "/var/log/httpd" </IfModule> Here is the copy of text I found on one site about mod_evasive: Mod_evasive does work relatively well for small to medium sized brute force or HTTP level DoS attacks. There is, however, an important limitation that mod_evasive has that you should be aware of. The mod_evasive module is not as good as it could be because it does not use shared memory in Apache to keep information about previous requests persistent. Instead, the information is kept with each child process or thread. Other Apache children that are then spawned know nothing about abuse against one of them. When a child serves the maximum number of requests and dies, the DoS information goes with it. So, what does this mean? This means that if an attacker sends their HTTP DoS requests and they do not use HTTP Keep-Alives, then Apache will spawn a new child process for every request and it will never trigger the mod_evasive thresholds. This is not good… Is there any solution for such type of attack with Keep Alive disabled?
View Replies!
View Related
Web Protect Not Working In Cpanel
I have protected one folder on my domain from Cpanel using function "web protect" also its asking for password but the password is not working. I did checked the .htpasswd file in users home directory and it have the user created for protection.
View Replies!
View Related
How To Protect Access To Whm/cpanel
is there a way to protect whm/cpanel access? At the moment anyone can type domain.com/cpanel or domain.com/whm or server/cpanel or server/whm. I would like to limit access to these pages by adding additional password (like folder password) or restricting IP.
View Replies!
View Related
Protect My Windows Server 2003
I got my game servers hosted on a windows server (with w2k3). I want to know what software u guys advise me to use on it to protect it! Someone told me that keep windows up to date wont get me any problem, but i just dont believe. SO i want oppinion from wht members. And since im here i want to report other thing... For an email service? Windows mail server, or something like exchange mail server?
View Replies!
View Related
Tool To Protect My Web Site, Help Please
I am having a lot of trouble with spammers and hackers. I am currently hosting my site on a windows server. [FONT='Calibri','sans-serif']What is the best tool that I can use to protect my web-site? The tool should be easy to use and require no JAVA or Pearl and other programming languages as I am not familiar with them.
View Replies!
View Related
Reverse Proxy
if my main site hosted in usa and reverse proxy server located in UK or Canada. will my site load still quickly or be slow dramtically? both use linux and apache. or canada user will quickly load my site or still slow? how about usa customers?
View Replies!
View Related
DNS Reverse
i had some problem with my smtp server because of my PTR record i create a new reverse zone and add a ptr record point to my mail.domain.com from my ip(38.100.214.200) but when i check it from online tools, all of them except zoneedit.com say me that my server has no ptr record.
View Replies!
View Related
Reverse DNS
I'm with a German (dedicated server) Provider and have the ability to personalize the Reverse DNS settings through their CP. No US provider had allowed me this setting before, so I'm clueless about it. Whats Reverse DNS, what if I change the current setting to like - rdns.mydomain.com? Whats the use?
View Replies!
View Related
Reverse Proxy To What
I researched a few options and have come to this conclusion use Ultramonkey (LVS + HA Proxy) -> apache2 mod_php/ mod_python (serve php / python) -> lighttpd (serve static files) -> mongrel (ruby server)
View Replies!
View Related
SSL Certificate To Protect User Data
I recently bought an SSL certificate to protect user data. I installed the cert in WHM. But when I go to my website in https://, my browser says (Safari can’t open the page [url] because Safari can’t establish a secure connection to the server “*domain name*”.) Do you know what's happening and how to fix it? I've never dealt with SSL before, so this is very frustrating.
View Replies!
View Related
How Does Reverse DNS Work
some clarification with regards to Reverse DNS. An example ip: xx.xxx.xxx.xx is owned by A Company via a DC. The they have their name allocated to the netname and description when i look up their ip address. I have my ip xx.xxx.xxx.xx this is me and it currently contains my DC's name throughout when i look it up as the description and netname... Both are from the same DC however the other company has their name allocated to the ip address and i would like to do the same. Does this require Reverse DNS? It dosent involve domains surely does it?
View Replies!
View Related
Reverse DN For DNS Server IP
I was issued two IPs for my DNS server.My DNS server is up but when a domain is using the new dns server.I did a dns check and was told there is no reverse dns.Can I do it myself by setting on the DNS server or I need to get my ISP who provide me the IP to do it set the reverse dns?
View Replies!
View Related
Apache2 Reverse Proxy
I have a mobile email application (for Zimbra) that is not compatible with HTTPS, only with HTTP. Is it possible to configure a Reverse Proxy so I can bypass the SSL? Something like this: [url]<-> REVERSE PROXY <-> [url] I was able to configure a Reverse Proxy but when it comes to https, something does wrong! here is my vhost config: Quote: NameVirtualHost mail.domain.com:* <VirtualHost *> ServerName mail ServerAlias mail.domain.com ProxyPreserveHost On ProxyVia full SSLProxyEngine On ProxyRequests On <proxy *> Order deny,allow Allow from all </proxy> ProxyPass / https://mail.domain.com/ ProxyPassReverse / https://mail.domain.com/ </VirtualHost> I have all mod_proxy modules (and its sub-mods) load. If this is possible to achieve, I think it's only a manner of configuration lamess. Have someone configured anything like this before?
View Replies!
View Related
How To Set Up Reverse DNS?
i have a dedicated server with 2 ips and i am planning to run a nameserver, mailserver and webserver on the same server. i heard that reverse dns is important. how do i do that? My questions are... 1. will it work if i setup the reverse zone in my server? or should i ask my host to setup reverse ip for me? 2. Do i have to setup reverse entry to mailserver or domain or nameserver? which is important to have reverse ip.
View Replies!
View Related
Reverse DNS Lookup ...
if I do a reverse lookup on my server's IP it returns a host assigned by the data center. So is this something I should even be managing too or is that always left up to the DC? I run my own DNS for the forward lookup zones. Also just a technical question, when you do a reverse lookup, how does it know where to look to get the host? I'm not sure I fully understand how these work.
View Replies!
View Related
Reverse DNS - Which Hostname
I have a VPS with the hostname myhost.domain.com, with four IP addresses, one of which is assigned to a shared hosting account (using WHM/cPanel) at sub.domain.com. For email delivery purposes (I'm sending e-commerce receipts (that MUST be delivered) from PHP apps running on sub.domain.com), do I need to set up reverse DNS entries that say their IP addresses belong to myhost.domain.com, or to sub.domain.com?
View Replies!
View Related
Protect Your Password In A Cyber Cafe And On Public Computers
Sometime you must have gone to a cyber cafe or used public computers to access the internet or mail. Public computers are most prone to password hacking. Anyone can simply install a keylogger software to hack your password. Keylogging is one of the most insidious threats to a users personal information. Passwords,credit card numbers,etc. It is very easy for the keylogger to harvest passwords. Each and every keystroke (whatever you type on the keyboard) gets recorded in the keylogger software and the person installing it can easily view what you have typed in. For example,if you go to hotmail.com and check your mails. Say your ID is aaabbbccc@hotmail.com and password is snoopy2,the keylogger software records your usename and password in its log file as www.hotmail.comaaabbbccc@hotmail.comsnoopy2 Risky isnt it? Theres a solution to this problem and you can easily fool the software!! The keylogger software sees and records everything,but it doesnt understand what it sees,it does not know what to do with keys that are typed anywhere other than the password or user name fields. So between successive keys of the password if you enter random keys,the keylogger software wont ever come to know where you typed in what.. In the process of recording the keys,the string that the keylogger receives will contain the password,but embedded in so much random junk that discovering it is infeasible. So... 1. Go to hotmail.com or yahoo.com or any other site where you need to insert a password or PIN. 2. Type in your user ID. 3. Type in the first characterof the password. 4. Click on the address bar in the browser,type in some random charachters. 5. Again go to password field and type in the second character of the password and probably third too. 6. Again go to the address bar and type in a few more random characters. 7. Back to the password field and the next characters of the password. Keep on repeating the process till you type in the full password in the password field. Instead of the password snoopy2,the keylogger now gets: www.hotmail.comspqmlainsdgsosdgfsodgfdpuouuyhdg2 Heres a total of 26 random characters have been inserted among the 7 characters of the actual password! No doubt it takes a little bit of more time than the usual process,but you are safe and secure that way!
View Replies!
View Related
|
TRACKER
