Am I being attacked?

**PitadaVespa** · 06-22-2007 05:36 AM

Or it's my impression?

Please, take a look at my System Messages log.

Thanks,
LP

**PitadaVespa** · 06-22-2007 06:13 AM

I changed SSH port to another, different from 22.

What I didn´t like AT ALL is that one of the attacks was done by serverpronto.com!!!

__

LP

**MindStar** · 06-22-2007 06:20 AM

ServerPronto are a hosting provider, so it's likely that the unwanted attention is coming from one of their client's servers - which has quite possibly been compromised and is being used as platform from which to try to "crack" other servers.

I suggest that you consider installing Chirpy's Firewall package

http://www.configserver.com/cp/csf.html

which will catch repeated login failures to SSH, POP3, FTP, etc and automatically block access from the remote host.

**PitadaVespa** · 06-22-2007 06:39 AM

I guess you're right. Maybe it wasn't serverpronto...

I know Chirpy's Firewall is a good product, but my provider says the server is well protected and I shouldn't install another firewall.

__

LP

**jayh38** · 06-22-2007 06:59 AM

If you are on a managed system, then you should direct your concerns with the administrator. Making changes without their knowledge may cause them problems later.

LinkBack

Thread Tools

Am I being attacked?

Anyone attacked by JaMaYcKa?

Apache is being attacked!

[HELP]Am I being attacked??

Being attacked