Questions tagged [brute-force-attacks]
194 questions
0
votes
1 answer
How to prevent password bruteforce in web application?
I have php web application (nginx+php-fpm). And someone try to bruteforce password. He have a lot of IPs. Also these bruteforce works like DDOS because each time web application starts and try to process request. And fail2ban will ban ip after…
Dmitro
- 159
- 1
- 5
- 12
0
votes
1 answer
CSF not adding IPs to deny file as a cron during high loads
I'm running a cron every minute to thwart brute-force attacks.
awk '{print $2}' < ipkill.txt | while read ip; do
#query geographical info IP address
curl -o country.txt ipinfo.io/$ip
#parse the JSON result pull the country
…
Horace
- 13
- 5
0
votes
1 answer
Nginx how to use limit_req_zone on auth_basic to protect against brute force attack?
I have an Nginx server that works as an SSL proxy for a service running on a localhost that doesn't support SSL authentication.
I would like to use Nginx's limit_req_zone function to protect the Basic_Auth against brute force attacks. There is a…
Joudicek Jouda
- 101
- 2
0
votes
1 answer
Brute force attacks with server's IP
I am running a Debian wheezy server with fail2ban installed, everything works as expected but recently my own server got banned. I added the server's IP in the exception row and it seems to work, but here the question..
Is it possible that someone…
spacebiker
- 358
- 4
- 14
0
votes
1 answer
Logging 403 Rewrites for Brute Force Attacks
As explained in Wordpress Codec, I want to prevent brute force attacks for wp-login.php via RewritetRule.
http://codex.wordpress.org/Brute_Force_Attacks#Deny_Access_to_No_Referrer_Requests
Rather than Codex's 301 Status Code, I want to Rewrite as…
NecNecco
- 211
- 2
- 8
0
votes
1 answer
Deal with brute force ftp attack
While Checking the /var/log/secure on my centos server have found lot of attempts of failed login by using unknown usernames, from a list of ip from Japan And China
How to hide my server from these smart guys or tools ;-)
Here is the snippet of log…
echoashu
- 115
- 1
- 7
0
votes
2 answers
SSH attacks on Freenas
I had my freenas box set up using no-ip to forward ssh requests to my machine so that I could get to it from work, friends house, parents, etc. A couple days ago i noticed a large in crease in attempted logins and figured my box was probably getting…
ThrowsException
- 103
- 1
- 4
0
votes
0 answers
Brute force attack on my servers ports burning through bandwidth
Am having some form of brute force attack being done to my server and I have a screenshot of what's happening below. Remote Address 121.14.154.206 is somehow abusing all of my ports and burning through my bandwidth at an incredible rate.
Does anyone…
Maruf
- 159
- 9
0
votes
1 answer
Ubuntu 10.04LTS Server under attack, random reboots UNTIL I blocked China
What could have been sent to my server to cause it to reboot?
Details:
I have a for-internal-use LAMP server running Ubuntu 10.04LTS (upgrade is scheduled for that nebulous "when I have time"). It runs several in-house scripts and monitors, and is…
Alderin
- 63
- 1
- 1
- 8
0
votes
1 answer
Do cPHulk Brute Force Protection Settings Effect Hosts?
Question:
Do my settings (shown below) prevent visitors from getting to any of the public web sites on my server if their ISP's IP Address has been blocked/black-listed through cPHulk Brute Force Protection?
Background
Lately, there has been a huge…
H. Ferrence
- 523
- 3
- 10
- 18
0
votes
0 answers
Fedora Core 9 Being Hacked?
I think I have a system compromise, with sudden perl process starting at the background with the same user as apache (daemon). I found today ZMUIE, which was script to do some sort of bruteforce attack. Anyway this is what I have now (any…
DmitrySemenov
- 755
- 2
- 14
- 27
0
votes
1 answer
fail2ban iptable rule wont block
So I set up fail2ban on my Debian 7 server, still I've been getting hit a lot and I dont know why is not blocking properly. The regex works, it recognizes the attempts but it seems the iptables rules it insert wont work, this is how it look iptables…
Termiux
- 163
- 1
- 1
- 8
0
votes
1 answer
Brute Force Attacks - What Else Can I Do?
I am running a Windows 2008 Server which is racked in a data center. Over the last week I have noticed a lot of attempts to brute force login to the box via RDP. Here is what I have in place:
Win Firewall - I have a rule to only allow specific IP…
Frank G.
- 143
- 8
0
votes
1 answer
Preventing logon type 2 and 3 attacks on VPS
Sorry if this was asked before, but I've looked at other questions and couldn't find a match.
I've been getting a lot of Logon Type 2 and 3 attacks on my Win Server 2008 VPS (from different IPs). I've been wondering what would be the best way to…
Igor Brejc
- 103
- 6
0
votes
1 answer
SSHGuard - Configure netfilter/iptables
I have a question about the setting up/modus operandi of SSHGuard.
I would like to block ssh brute force attacks that happens about 3 times every second. I am on an Amazon instance, password login is disabled and ssh only works with public/private…
user937284
- 103
- 2