Community Forums
Connect with us on LinkedIn
BFD brute force detection problem
  
+ Reply to Thread
Results 1 to 3 of 3
  1. 09-04-2004 07:40 AM #1
    Kasper.S
    Kasper.S is offline
    Member
    Join Date
    Feb 2004
    Location
    Finland
    Posts
    14
    Send a message via ICQ to Kasper.S

    Default BFD brute force detection problem

    Hello,

    I installed bfd and it was working ok but now (i think it was after cpanel update) i got emails below, There is 127.0.0.1 in /usr/local/bfd/ignore.hosts. Seems that 127.0.0.1 is remote connection. What to do?

    ---------------------------------------------------------------------------------------------------
    The remote system 127.0.0.1 was found to have exceeded acceptable login failures on shaman.domain.com. As such the attacking host has been banned from further accessing this system; for the integrity of your host you should investigate this event as soon as possible.

    The following are event logs for exceeded login failures from 127.0.0.1 (all time stamps are GMT +0200):
    ----
    - Executed actions:
    127.0.0.1 was found inside a defined exclude file, or host has already been banned.

    - Log events from /var/log/messages:

    ----

    - Thank you;
    root@domain.com
    -------------------------------------------------------------------------------------------------

    - Regards, Kasper.S
    Reply With Quote Reply With Quote
  2. 09-04-2004 08:13 AM #2
    chirpy
    chirpy is offline
    Super Moderator This forum account has been confirmed by cPanel staff to represent a vendor. chirpy's Avatar
    Join Date
    Jun 2002
    Location
    Go on, have a guess
    Posts
    13,495

    Default

    Have you changed the file /usr/local/bfd/ignore.hosts which should contain 127.0.0.1?
    Jonathan Michaelson

    Need your cPanel servers secured and tuned?
    cPanel Server Configuration, Security, Recovery and Antivirus/AntiSpam Services
    Developers of the most effective (and free) Firewall & Security Solution for cPanel Servers - csf
    http://www.configserver.com
    Reply With Quote Reply With Quote
  3. 09-04-2004 09:36 AM #3
    Kasper.S
    Kasper.S is offline
    Member
    Join Date
    Feb 2004
    Location
    Finland
    Posts
    14
    Send a message via ICQ to Kasper.S

    Default

    haven't changed it but it is there
    Reply With Quote Reply With Quote
«   HUGE Load, Runaway server, what is happening! | apf firewall/antidos upcp problem »     
Similar Threads & Tags
Similar threads

  1. brute force detection
    By ploppy in forum cPanel and WHM Discussions
    Replies: 2
    Last Post: 02-19-2008, 05:56 AM
  2. Brute force detection (bfd) issues.
    By HH-Steven in forum cPanel Developers
    Replies: 2
    Last Post: 04-06-2007, 07:09 AM
  3. Using dinamic IP with Brute Force Detection (BFD)
    By isputra in forum cPanel and WHM Discussions
    Replies: 2
    Last Post: 09-18-2004, 09:46 PM
  4. BFD - Brute Force Detection
    By icanectc in forum cPanel and WHM Discussions
    Replies: 0
    Last Post: 08-16-2004, 09:46 AM
Linkedin       Facebook       Twitter       RSS       Flickr       YouTube