The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

attack alert

Discussion in 'General Discussion' started by bluejeans, Apr 4, 2006.

  1. bluejeans

    bluejeans Member

    Joined:
    Nov 16, 2005
    Messages:
    9
    Likes Received:
    0
    Trophy Points:
    1
    hi

    i need some help regarding following msgs its coming in my root email recently since last month iam afraid something strange is going to be happen plz see if anyone can suggest.
    thanks in advance.

    --------------------- PortSentry Begin ------------------------


    **Unmached entries**
    3 Time(s): attackalert: Connect from host: 104.Red-83-35-166.dynamicIP.rima-tde.net/83.35.166.104 to TCP port: 1

    ---------------------- PortSentry End -------------------------
     
  2. madaboutlinux

    madaboutlinux Well-Known Member

    Joined:
    Jan 24, 2005
    Messages:
    1,052
    Likes Received:
    2
    Trophy Points:
    38
    Location:
    Earth
    The message suggest that someone is trying to connect to your server from the given IP. You can block such IP using iptables rules or install BFD and APF firewall. Configure BFD as per your requirement and it will block IPs using APF.

    Also I suggest you to block root login on your server from sshd_config, create a wheel user and then su to root as this will increase your server security.

    Also refer :- http://linux.sys-con.com/read/32843.htm?
     
    #2 madaboutlinux, Apr 4, 2006
    Last edited: Apr 4, 2006
Loading...

Share This Page