The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

HELP!!! The hacker trying to hack my server

Discussion in 'General Discussion' started by goodgbb, Sep 4, 2005.

  1. goodgbb

    goodgbb Well-Known Member

    Joined:
    Aug 15, 2005
    Messages:
    75
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Thailand
    He's trying to login to SSH access. He's using random ports from 40xxx to 52xxx and he's using random users. Anyway the server has auto banned his ip address.

    How can I disallow all port and allow a port that I've specify to use SSH access? is it good?
    Do you have some idea recommend to me? please..

    Thank You So... Much!! :)

    -----------------------------------------------------------------------------------
    server sshd[11689]: Failed password for illegal user building
    from xx.xxx.xx.xxx port 40283 ssh2
    server sshd[11933]: Failed password for illegal user michele
    from xx.xxx.xx.xxx port 52178 ssh2
    server sshd[11935]: Failed password for illegal user brittany
    from xx.xxx.xx.xxx port 52041 ssh2
     
    #1 goodgbb, Sep 4, 2005
    Last edited: Sep 4, 2005
  2. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    3
    Trophy Points:
    38
    Location:
    Minneapolis, MN
    There are many applications to protect your server including APF, BFD, and mod_security. I suggest you search this forum for information on how to secure your server.
     
  3. goodgbb

    goodgbb Well-Known Member

    Joined:
    Aug 15, 2005
    Messages:
    75
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Thailand
    Thank You Andy Reed.

    I'm already using APF, SIM, BFD. Do you know that how to specify a port for SSH access?

    Thank You for your kindly :)
     
    #3 goodgbb, Sep 4, 2005
    Last edited: Sep 4, 2005
  4. bijo

    bijo Well-Known Member

    Joined:
    Aug 21, 2004
    Messages:
    475
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    India
    Hello,
    Check the file /etc/ssh/sshd_config and change the ssh port to some other value and then restart your ssh service.
     
  5. Zaf

    Zaf Well-Known Member

    Joined:
    Aug 22, 2005
    Messages:
    119
    Likes Received:
    0
    Trophy Points:
    16
    If you are asking how to change or specify a port for SSH access other than the default 22, this thread would be helpful http://forums.cpanel.net/showthread.php?t=30159&highlight=ssh
     
  6. Jeffa

    Jeffa Member

    Joined:
    Jun 19, 2005
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    1
    If it calms you down, I run a basic server and get on average, 350-400 attempts per day of users hacking my system...

    I had to introduce some password rules to make it harder, but I'm yet to have a succesful hacker.. :P

    And no, that's not an invitation!
     
  7. PuReWebDev

    PuReWebDev Well-Known Member

    Joined:
    May 18, 2004
    Messages:
    47
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Orlando, FL.
    SSH Security

    If you work from a static ip address, you might limit the ip address which can connect to ssh to yourself, and your datacenter.

    In addition, if you want some piece of mind, make sure non of your other user have shell access, and you can also change your root password if you feel it may have been compromised.


    Hope this helps.


    Thanks,
    PuReWebDev
     
  8. goodgbb

    goodgbb Well-Known Member

    Joined:
    Aug 15, 2005
    Messages:
    75
    Likes Received:
    0
    Trophy Points:
    6
    Location:
    Thailand
    Thank You from my heart~ bijo, Shahzada, Jeffa, PuReWebDev

    I'll try your recommendations. You're all kindly :)
     
    #8 goodgbb, Sep 5, 2005
    Last edited: Sep 5, 2005
Loading...

Share This Page