Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

HELP!!! The hacker trying to hack my server

Discussion in 'General Discussion' started by goodgbb, Sep 4, 2005.

  1. goodgbb

    goodgbb Well-Known Member

    Joined:
    Aug 15, 2005
    Messages:
    75
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Thailand
    He's trying to login to SSH access. He's using random ports from 40xxx to 52xxx and he's using random users. Anyway the server has auto banned his ip address.

    How can I disallow all port and allow a port that I've specify to use SSH access? is it good?
    Do you have some idea recommend to me? please..

    Thank You So... Much!! :)

    -----------------------------------------------------------------------------------
    server sshd[11689]: Failed password for illegal user building
    from xx.xxx.xx.xxx port 40283 ssh2
    server sshd[11933]: Failed password for illegal user michele
    from xx.xxx.xx.xxx port 52178 ssh2
    server sshd[11935]: Failed password for illegal user brittany
    from xx.xxx.xx.xxx port 52041 ssh2
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 goodgbb, Sep 4, 2005
    Last edited: Sep 4, 2005
  2. AndyReed

    AndyReed Well-Known Member
    PartnerNOC

    Joined:
    May 29, 2004
    Messages:
    2,222
    Likes Received:
    4
    Trophy Points:
    193
    Location:
    Minneapolis, MN
    There are many applications to protect your server including APF, BFD, and mod_security. I suggest you search this forum for information on how to secure your server.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  3. goodgbb

    goodgbb Well-Known Member

    Joined:
    Aug 15, 2005
    Messages:
    75
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Thailand
    Thank You Andy Reed.

    I'm already using APF, SIM, BFD. Do you know that how to specify a port for SSH access?

    Thank You for your kindly :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 goodgbb, Sep 4, 2005
    Last edited: Sep 4, 2005
  4. bijo

    bijo Well-Known Member

    Joined:
    Aug 21, 2004
    Messages:
    475
    Likes Received:
    0
    Trophy Points:
    166
    Location:
    India
    Hello,
    Check the file /etc/ssh/sshd_config and change the ssh port to some other value and then restart your ssh service.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. Zaf

    Zaf Well-Known Member

    Joined:
    Aug 22, 2005
    Messages:
    117
    Likes Received:
    0
    Trophy Points:
    166
    If you are asking how to change or specify a port for SSH access other than the default 22, this thread would be helpful http://forums.cpanel.net/showthread.php?t=30159&highlight=ssh
     
  6. Jeffa

    Jeffa Member

    Joined:
    Jun 19, 2005
    Messages:
    8
    Likes Received:
    0
    Trophy Points:
    151
    If it calms you down, I run a basic server and get on average, 350-400 attempts per day of users hacking my system...

    I had to introduce some password rules to make it harder, but I'm yet to have a succesful hacker.. :P

    And no, that's not an invitation!
     
  7. PuReWebDev

    PuReWebDev Well-Known Member

    Joined:
    May 18, 2004
    Messages:
    47
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Orlando, FL.
    SSH Security

    If you work from a static ip address, you might limit the ip address which can connect to ssh to yourself, and your datacenter.

    In addition, if you want some piece of mind, make sure non of your other user have shell access, and you can also change your root password if you feel it may have been compromised.


    Hope this helps.


    Thanks,
    PuReWebDev
     
  8. goodgbb

    goodgbb Well-Known Member

    Joined:
    Aug 15, 2005
    Messages:
    75
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Thailand
    Thank You from my heart~ bijo, Shahzada, Jeffa, PuReWebDev

    I'll try your recommendations. You're all kindly :)
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #8 goodgbb, Sep 5, 2005
    Last edited: Sep 5, 2005
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice