The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Security Feature - Modification

Discussion in 'Security' started by Razor Head, Sep 24, 2011.

  1. Razor Head

    Razor Head Registered

    Joined:
    Sep 21, 2011
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    We just switched from Plesk to cPanel (love it).

    Almost at once, we noticed that cPanel emails out intrusion alerts. I would guess that most on this forum have seen them. What we get is an IP address for someone who has attempted to log in 5 times. This is a great, great feature, especially for old timers like me who have been fighting spammers and hackers since the early days of Usent.

    As a person who owned a small to medium sized ISP back before the phone companies killed independents, I know about how an ISP, even the abuse departments of a phone company, might view complaints. I would love to be able to take a log from cPanel and go complain. I am good at it having been an inside guy for years.

    Here is what I would like to know:

    1. Log attempts at xx:xx:xx time GMT (or whatever time zone) for the five attempts before cPanel shut them down.
    2. User name used for each attempt.
    3. Password used for each attempt.
    4. IP address.

    This would give me ammunition AND it would give me something to sink my teeth into. The user name and password could tell me things - and that would vary by the actual names used and password; example, a dictionary attempt.

    It would also be useful, but might be a stretch for cPanel to do, is to know how many other IP addresses tried the same user name and possibly the passwords. That might give me a lead on computers that were under control of some script kiddie or real hacker. There is a possibility that cPanel might just want to create a database where they stuff all login attempts and let us sort them out :eek:)

    That would work. I was told by one of the guys at cPanel to post this to see what you folks thoughts.

    Comments?

    Larry aka Razar Head
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,476
    Likes Received:
    202
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
  3. Razor Head

    Razor Head Registered

    Joined:
    Sep 21, 2011
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    cPanel Access Level:
    Root Administrator
    Thank you, thank you.

    I was looking for a simple AP and the one you directed me to isn't simple, but someone obviously sat down and thought of everything anyone would ever want in a security Script - near as I can tell. After scanning the features, I think we could use more than just what I was asking for, which appears to be available within the script.

    If I had been more alert, I could have found it with a scan of the forums. :(

    Unless it's a bad idea, when we get it running I'll share a couple of examples of what we do with it as we interface with ISP security groups. Don't know why we didn't discover cPanel before now. It is well worth the money and this donation ware script makes it worth even more - so we will if we use it.

    Again, thank you.

    Larry aka Razor Head

    larry.on.ma at gmail.com
     
  4. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,476
    Likes Received:
    202
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    In some ways its actually quite simple to use. Just need to spend some time reading thu things to get familiar with it.

    I've moved your thread out of the Feature Requests forum.
     
Loading...

Share This Page