Questions tagged [brute-force-attacks]
194 questions
0
votes
1 answer
How to prevent password bruteforce in web application?
I have php web application (nginx+php-fpm). And someone try to bruteforce password. He have a lot of IPs. Also these bruteforce works like DDOS because each time web application starts and try to process request. And fail2ban will ban ip after…
![](../../users/profiles/97928.webp)
Dmitro
- 159
- 1
- 5
- 12
0
votes
1 answer
CSF not adding IPs to deny file as a cron during high loads
I'm running a cron every minute to thwart brute-force attacks.
awk '{print $2}' < ipkill.txt | while read ip; do
#query geographical info IP address
curl -o country.txt ipinfo.io/$ip
#parse the JSON result pull the country
…
![](../../users/profiles/246971.webp)
Horace
- 13
- 5
0
votes
1 answer
Nginx how to use limit_req_zone on auth_basic to protect against brute force attack?
I have an Nginx server that works as an SSL proxy for a service running on a localhost that doesn't support SSL authentication.
I would like to use Nginx's limit_req_zone function to protect the Basic_Auth against brute force attacks. There is a…
![](../../users/profiles/219620.webp)
Joudicek Jouda
- 101
- 2
0
votes
1 answer
Brute force attacks with server's IP
I am running a Debian wheezy server with fail2ban installed, everything works as expected but recently my own server got banned. I added the server's IP in the exception row and it seems to work, but here the question..
Is it possible that someone…
![](../../users/profiles/152770.webp)
spacebiker
- 358
- 4
- 14
0
votes
1 answer
Logging 403 Rewrites for Brute Force Attacks
As explained in Wordpress Codec, I want to prevent brute force attacks for wp-login.php via RewritetRule.
http://codex.wordpress.org/Brute_Force_Attacks#Deny_Access_to_No_Referrer_Requests
Rather than Codex's 301 Status Code, I want to Rewrite as…
![](../../users/profiles/237833.webp)
NecNecco
- 211
- 2
- 8
0
votes
1 answer
Deal with brute force ftp attack
While Checking the /var/log/secure on my centos server have found lot of attempts of failed login by using unknown usernames, from a list of ip from Japan And China
How to hide my server from these smart guys or tools ;-)
Here is the snippet of log…
![](../../users/profiles/234798.webp)
echoashu
- 115
- 1
- 7
0
votes
2 answers
SSH attacks on Freenas
I had my freenas box set up using no-ip to forward ssh requests to my machine so that I could get to it from work, friends house, parents, etc. A couple days ago i noticed a large in crease in attempted logins and figured my box was probably getting…
![](../../users/profiles/233066.webp)
ThrowsException
- 103
- 1
- 4
0
votes
0 answers
Brute force attack on my servers ports burning through bandwidth
Am having some form of brute force attack being done to my server and I have a screenshot of what's happening below. Remote Address 121.14.154.206 is somehow abusing all of my ports and burning through my bandwidth at an incredible rate.
Does anyone…
![](../../users/profiles/191772.webp)
Maruf
- 159
- 9
0
votes
1 answer
Ubuntu 10.04LTS Server under attack, random reboots UNTIL I blocked China
What could have been sent to my server to cause it to reboot?
Details:
I have a for-internal-use LAMP server running Ubuntu 10.04LTS (upgrade is scheduled for that nebulous "when I have time"). It runs several in-house scripts and monitors, and is…
![](../../users/profiles/208983.webp)
Alderin
- 63
- 1
- 1
- 8
0
votes
1 answer
Do cPHulk Brute Force Protection Settings Effect Hosts?
Question:
Do my settings (shown below) prevent visitors from getting to any of the public web sites on my server if their ISP's IP Address has been blocked/black-listed through cPHulk Brute Force Protection?
Background
Lately, there has been a huge…
![](../../users/profiles/27207.webp)
H. Ferrence
- 523
- 3
- 10
- 18
0
votes
0 answers
Fedora Core 9 Being Hacked?
I think I have a system compromise, with sudden perl process starting at the background with the same user as apache (daemon). I found today ZMUIE, which was script to do some sort of bruteforce attack. Anyway this is what I have now (any…
![](../../users/profiles/108649.webp)
DmitrySemenov
- 755
- 2
- 14
- 27
0
votes
1 answer
fail2ban iptable rule wont block
So I set up fail2ban on my Debian 7 server, still I've been getting hit a lot and I dont know why is not blocking properly. The regex works, it recognizes the attempts but it seems the iptables rules it insert wont work, this is how it look iptables…
![](../../users/profiles/85972.webp)
Termiux
- 163
- 1
- 1
- 8
0
votes
1 answer
Brute Force Attacks - What Else Can I Do?
I am running a Windows 2008 Server which is racked in a data center. Over the last week I have noticed a lot of attempts to brute force login to the box via RDP. Here is what I have in place:
Win Firewall - I have a rule to only allow specific IP…
![](../../users/profiles/145607.webp)
Frank G.
- 143
- 8
0
votes
1 answer
Preventing logon type 2 and 3 attacks on VPS
Sorry if this was asked before, but I've looked at other questions and couldn't find a match.
I've been getting a lot of Logon Type 2 and 3 attacks on my Win Server 2008 VPS (from different IPs). I've been wondering what would be the best way to…
![](../../users/profiles/50147.webp)
Igor Brejc
- 103
- 6
0
votes
1 answer
SSHGuard - Configure netfilter/iptables
I have a question about the setting up/modus operandi of SSHGuard.
I would like to block ssh brute force attacks that happens about 3 times every second. I am on an Amazon instance, password login is disabled and ssh only works with public/private…
![](../../users/profiles/161866.webp)
user937284
- 103
- 2