Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Other Forums > Smalltalk

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 31st May 2008, 23:04
tomde tomde is offline
Junior Member
 
Join Date: Apr 2007
Posts: 12
Thanks: 2
Thanked 1 Time in 1 Post
Default Server attacks, where they originate from?

I just a little curious if I'm the only one here, but I feel like i'm not. My web server for me and my friends seems to get tons of port scans and login attacks from china. I literally mean that about 70% of my attacks are from there. They particularly try to brute force my ssh server. Every now and they my router drops a smurf attacks and DoS attacks. I find it extremely annoying. I see there IPs all over the place in my authorization log.
I mean they have never gotten in or done anything successful but I find it really disheartening that they are try to hack me. This is they only thing about administrating my stuff that I don't like, but also find it to be a little bit fun . I'm glad that they can't get in though, lol.
Now my other question is when do these attacks be come a cybercrime? Right now in my book i find it to be harassment, even from the US quote on quote hackers. So when can I draw the line? Is there a site to report server harassment? I know of cybercrime.gov, but I never had the balls to actually report them. But has anyone here ever done so?
Besides iptables block what else can be done. Oh I also installed fail2ban, however for some strange reason it is not working, so will have to fix it. Right now I'm switching to a ispconfig server woot!!

Also to all remember to not use sudo and make sure that remote root logins are disabled!!
You would not believe how many login attempts I have for the root account, lol
Reply With Quote
Sponsored Links
  #2  
Old 1st June 2008, 00:27
daveb daveb is offline
Senior Member
 
Join Date: Dec 2006
Location: St Louis Mo
Posts: 272
Thanks: 43
Thanked 41 Times in 37 Posts
Default

Yes I dont think you are the only one. China machines always trying to take a peek in my servers also.
Reply With Quote
  #3  
Old 1st June 2008, 12:32
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,747 Times in 2,578 Posts
Default

If fail2ban is not working for you, you can use Denyhosts or Blockhosts instead.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
  #4  
Old 4th June 2008, 00:39
HostV HostV is offline
Junior Member
 
Join Date: Jun 2008
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
Default

Recently revision3 (digg) also got attacked due to DDOS

http://www.downloadsquad.com/2008/05...mediadefender/

Very interesting story
__________________
HostV - VPS Hosting - http://www.hostv.com
Reply With Quote
  #5  
Old 12th August 2008, 11:22
MrStinky MrStinky is offline
Junior Member
 
Join Date: Oct 2007
Posts: 3
Thanks: 0
Thanked 0 Times in 0 Posts
 
Default

i changed my port number to some high number i also had the same annoying buggers trying to get in. Now its nice and calm.
Reply With Quote
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Site very slow after server migraion dimitar General 2 22nd February 2008 13:23
Terrible server speeds gAnDo HOWTO-Related Questions 3 14th February 2008 19:31
Problem with keeping Apache alive bobeq Server Operation 3 29th November 2007 17:11
Rejecting outbound mail tristanlee85 General 11 20th May 2007 18:04
Webmail Relay Error palkat General 17 23rd April 2006 19:12


All times are GMT +2. The time now is 16:35.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.