The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

where do lookup brute force attacks?

Discussion in 'Security' started by webstuff, Nov 12, 2011.

  1. webstuff

    webstuff Well-Known Member

    Joined:
    Jul 19, 2011
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    where do lookup brute force attacks?
     
  2. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    Do you mean how to detect them? You'd want to use netstat to check for connections something like the following for port 80 traffic:

    Code:
    netstat -plan|grep :80|awk {'print $5'}|cut -d: -f 1|sort|uniq -c|sort -n
    If you want a product that will detect a DDoS, you can either try to configure CSF with LFD for brute force protection (and it does have a log), or you can use something like ddos-deflate:

    (D)DoS Deflate - deflate.medialayer.com

    Also, there's an Apache module that can help with connection limiting called mod_qos that's part of EasyApache now. Here are details on mod_qos:

    mod_qos
     
  3. webstuff

    webstuff Well-Known Member

    Joined:
    Jul 19, 2011
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    ok i was in root in cpanel.. and i typed in csf to the list thing and it doesnt seem to show up.. where would i go to get into it? or would i have to install? and if i have to install where would I go to do that? thanks
     
  4. cPanelTristan

    cPanelTristan Quality Assurance Analyst
    Staff Member

    Joined:
    Oct 2, 2010
    Messages:
    7,623
    Likes Received:
    21
    Trophy Points:
    38
    Location:
    somewhere over the rainbow
    cPanel Access Level:
    Root Administrator
    CSF with LFD is at the following location:

    ConfigServer Security & Firewall

    The steps to install on a cPanel machine are these:

    Code:
    wget http://configserver.com/free/csf.tgz
    tar -xzf csf.tgz 
    cd csf
    ./install.cpanel.sh
    After that, log into WHM and at the bottom in Plugins area you will see ConfigServer Security&Firewall. You can start the firewall there. Ensure to take it out of testing mode after you've gotten it setup as you prefer, which is done in WHM > Plugins > ConfigServer Security&Firewall > Firewall configuration area. In that section, you'll see the following:

    Code:
    Testing = 1
    Change the 1 to a 0 once you've determined you have the right ports enabled (since you used the cPanel installation script, it should have the common cPanel ports opened). Then click the "Change" button at the bottom and restart the firewall or start it.

    If you have questions after this on anything for CSF and LFD, please ensure to post them on their forum:

    CSF Forum
     
  5. webstuff

    webstuff Well-Known Member

    Joined:
    Jul 19, 2011
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    hello,

    on xzf csf.tgz i get bash - command not found
     
  6. k-planethost

    k-planethost Well-Known Member

    Joined:
    Sep 22, 2009
    Messages:
    199
    Likes Received:
    4
    Trophy Points:
    18
    Location:
    Athens Greece
    #6 k-planethost, Nov 17, 2011
    Last edited by a moderator: Jun 17, 2014
  7. webstuff

    webstuff Well-Known Member

    Joined:
    Jul 19, 2011
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    how do I check to make sure there ok?
     
  8. storminternet

    storminternet Well-Known Member

    Joined:
    Nov 2, 2011
    Messages:
    462
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
  9. webstuff

    webstuff Well-Known Member

    Joined:
    Jul 19, 2011
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6

    hey i didnt get the bash command this time.. i didn't change anything eles.. Thanks

    I think I forgot the .tar
     
  10. webstuff

    webstuff Well-Known Member

    Joined:
    Jul 19, 2011
    Messages:
    62
    Likes Received:
    0
    Trophy Points:
    6
    Beautiful.. thanks for the help everyone!! I love it!!
     
  11. storminternet

    storminternet Well-Known Member

    Joined:
    Nov 2, 2011
    Messages:
    462
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    That's great :)
     
Loading...

Share This Page