Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Active Attack

Discussion in 'General Discussion' started by ehsan, Jan 27, 2002.

  1. ehsan

    ehsan Well-Known Member

    Joined:
    Dec 11, 2001
    Messages:
    185
    Likes Received:
    0
    Trophy Points:
    316
    every single day i have a long report of active attack to my server.
    like :

    Connect from host: 217.219.3.132/217.219.3.132 to TCP port: 2000
    attackalert: Host: 217.219.3.132 is already blocked. Ignoring
    attackalert: Connect from host: raq569.uk2net.com/213.239.56.150




    what are these ? and where can i found a description for tcp/ip ports like 2000 or 111

    Thank you guys,
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 ehsan, Jan 27, 2002
  2. Juanra

    Juanra Well-Known Member

    Joined:
    Sep 22, 2001
    Messages:
    777
    Likes Received:
    0
    Trophy Points:
    316
    Location:
    Spain
    Maybe you\'ll find this useful:
    http://www.robertgraham.com/pubs/firewall-seen.html

    Says nothing about port 2000 though.

    See http://archives.neohapsis.com/archives/sf/ms/2001-q4/0181.html
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 Juanra, Jan 27, 2002
  3. ehsan

    ehsan Well-Known Member

    Joined:
    Dec 11, 2001
    Messages:
    185
    Likes Received:
    0
    Trophy Points:
    316
    Thank you,
    great links.
    any body else has the same reports?
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 ehsan, Jan 27, 2002
  4. Koi

    Koi Registered

    Joined:
    Jan 27, 2002
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    301
    http://www.snort.org/ports.html
     
    #4 Koi, Jan 27, 2002
  5. hedgehog

    hedgehog Well-Known Member

    Joined:
    Nov 3, 2001
    Messages:
    122
    Likes Received:
    0
    Trophy Points:
    316
    I get them daily, contacted my provider about it wand he said it was nothing about unless you have security holes on your system...
     
    #5 hedgehog, Jan 28, 2002
  6. TRAIN YARD SOFTWARE

    TRAIN YARD SOFTWARE Well-Known Member

    Joined:
    Dec 20, 2001
    Messages:
    224
    Likes Received:
    0
    Trophy Points:
    316
    We get these 1000 page emails also

    We get these 1000 page emails also :

    Feb 19 07:58:01 steam portsentry[2555]: attackalert: Connect from host: 66.28.166.12/66.28.166.12 to TCP port: 111
    Feb 19 07:58:01 steam portsentry[2555]: attackalert: Connect from host: 66.28.166.12/66.28.166.12 to TCP port: 111
    Feb 19 07:58:01 steam portsentry[2555]: attackalert: Host: 66.28.166.12 is already blocked. Ignoring
    Feb 19 07:58:02 steam portsentry[2555]: attackalert: Connect from host: 66.28.166.12/66.28.166.12 to TCP port: 111
    Feb 19 07:58:02 steam portsentry[2555]: attackalert: Host: 66.28.166.12 is already blocked. Ignoring
    Feb 19 07:58:02 steam portsentry[2555]: attackalert: Connect from host: 66.28.166.12/66.28.166.12 to TCP port: 111
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #6 TRAIN YARD SOFTWARE, Feb 20, 2002
  7. TRAIN YARD SOFTWARE

    TRAIN YARD SOFTWARE Well-Known Member

    Joined:
    Dec 20, 2001
    Messages:
    224
    Likes Received:
    0
    Trophy Points:
    316
    also in this email

    also in this email how do we fix this?

    Feb 19 04:03:35 tyshost named[23656]: sysquery: findns error (NXDOMAIN) on NS2.TRAINYARDSOFTWARE.NET?
    Feb 19 04:03:36 tyshost named[23656]: sysquery: findns error (NXDOMAIN) on NS1.TRAINYARDSOFTWARE.NET?
    Feb 19 04:03:36 tyshost named[23656]: sysquery: findns error (NXDOMAIN) on NS2.TRAINYARDSOFTWARE.NET?
    Feb 19 04:03:37 tyshost named[23656]: sysquery: findns error (NXDOMAIN) on NS1.TRAINYARDSOFTWARE.NET?
    Feb 19 04:03:37 tyshost named[23656]: sysquery: findns error (NXDOMAIN) on NS2.TRAINYARDSOFTWARE.NET?
    Feb 19 04:03:38 tyshost named[23656]: sysquery: findns error (NXDOMAIN) on NS1.TRAINYARDSOFTWARE.NET?

    this is huge errors everyday
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #7 TRAIN YARD SOFTWARE, Feb 20, 2002
(You must log in or sign up to post here.)
Loading...
Similar Threads - Active Attack
  1. z3d3m0n

    Interactive pdf forms in email blocked

    z3d3m0n, Jul 3, 2019, in forum: E-mail Discussion
    Replies:
    2
    Views:
    222
    cPanelLauren
    Jul 5, 2019
  2. CashDroid

    Wordpress problem No Index active

    CashDroid, Jun 11, 2019, in forum: General Discussion
    Replies:
    7
    Views:
    1,177
    cPanelLauren
    Jun 17, 2019
  3. Rogerio

    Ask users to check inactive email accounts

    Rogerio, May 23, 2019, in forum: E-mail Discussion
    Replies:
    3
    Views:
    332
    Rogerio
    May 29, 2019
  4. 3awh

    Users can go above their accounts in FTP with cagefs active

    3awh, May 18, 2019, in forum: CloudLinux
    Replies:
    2
    Views:
    283
    cPanelMichael
    May 20, 2019
  5. axelg

    Active and Passive files on web site?

    axelg, Apr 16, 2019, in forum: Workarounds and Optimization
    Replies:
    1
    Views:
    253
    cPanelMichael
    Apr 17, 2019

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice