0

I'm kind of confused right now recently my friend who also take care of the server got an email from the DirectAdmin say that we got Brute-Attack with one of the IP from Italy, but I didn't get a chance to look at the scree.

Our Virtualbox run on Xserver and everytime now when my server down is because it crashes, so I wonder if that because our server got Brute-Attack?

My friend told me that it might be from one of hater from other website who is trying to get our website down.

How can I check the log or to prevent from this to keep happening?

We are running CentOS 5

Thanks

Ali
  • 300
  • 1
  • 4
  • 12
  • 1
    possible duplicate of [My server's been hacked EMERGENCY](http://serverfault.com/questions/218005/my-servers-been-hacked-emergency) – MDMarra Apr 19 '12 at 14:20
  • [Administration panels are off topic](http://serverfault.com/help/on-topic). [Even the presence of an administration panel on a system,](http://meta.serverfault.com/q/6538/118258) because they [take over the systems in strange and non-standard ways, making it difficult or even impossible for actual system administrators to manage the servers normally](http://meta.serverfault.com/a/3924/118258), and tend to indicate low-quality questions from *users* with insufficient knowledge for this site. – HopelessN00b Apr 09 '15 at 01:47

1 Answers1

1

Depends on what you mean when you're talking about your brute force attack.

If you are talking about your web server getting brute forced (someone is guessing passwords in a methodical manner) you just check your web server's logs. You don't say what you're running but it should have logs of page accesses. See what IP is constantly hitting the same login page. It's probably under /var/log/ somewhere.

If you really mean you're being denial of serviced, check your logs again, or check your router/firewall logs. When you find the constant stream of IP's, block it at the ingress point on your firewall.

If it's saturating your bandwidth, contact your upstream provider and have that IP blocked farther up the connection, and relieve the stress on your connection.

Gather some statistics programs for analyzing your web server logs and see what they reveal in your traffic patterns.

Bart Silverstrim
  • 31,092
  • 9
  • 65
  • 87