My server was under dictionary attack - how to make it safer?

Yesterday my server was "hit" for half an hour by someone using a dictionary. Fortunately he was not able to get access, but I would like some advice on what I could do to try to make it safer. Like for instance, is it possible to completely block an IP address after 5 tries from it?
Here is a snip of my logs:
Jul 16 03:35:15 pkmainserver pop3[5809]: badlogin: [193.33.170.11] plaintext info
Jul 16 03:47:02 pkmainserver pop3[6063]: badlogin: [193.33.170.11] plaintext guest
Jul 16 03:47:05 pkmainserver pop3[6064]: badlogin: [193.33.170.11] plaintext mailnull
Jul 16 03:47:09 pkmainserver pop3[6065]: badlogin: [193.33.170.11] plaintext smmsp
Jul 16 03:47:12 pkmainserver pop3[6066]: badlogin: [193.33.170.11] plaintext squid
Jul 16 03:47:16 pkmainserver pop3[6070]: badlogin: [193.33.170.11] plaintext webalizer
Jul 16 03:47:20 pkmainserver pop3[6071]: badlogin: [193.33.170.11] plaintext dbus
Jul 16 03:47:23 pkmainserver pop3[6072]: badlogin: [193.33.170.11] plaintext xfs
Jul 16 03:47:27 pkmainserver pop3[6073]: badlogin: [193.33.170.11] plaintext named
Jul 16 03:47:30 pkmainserver pop3[6074]: badlogin: [193.33.170.11] plaintext ntp
Jul 16 03:47:34 pkmainserver pop3[6075]: badlogin: [193.33.170.11] plaintext gdm
Jul 16 03:47:37 pkmainserver pop3[6076]: badlogin: [193.33.170.11] plaintext mysql
Jul 16 03:47:41 pkmainserver pop3[6077]: badlogin: [193.33.170.11] plaintext manpreet
Jul 16 03:47:44 pkmainserver pop3[6078]: badlogin: [193.33.170.11] plaintext postfix
Jul 16 03:47:48 pkmainserver pop3[6079]: badlogin: [193.33.170.11] plaintext clamav
Jul 16 03:47:51 pkmainserver pop3[6080]: badlogin: [193.33.170.11] plaintext amavis
Jul 16 03:47:55 pkmainserver pop3[6081]: badlogin: [193.33.170.11] plaintext root
Jul 16 03:53:45 pkmainserver pop3[6154]: badlogin: [193.33.170.11] plaintext oracle
Jul 16 03:53:48 pkmainserver pop3[6155]: badlogin: [193.33.170.11] plaintext oracle
Jul 16 03:53:52 pkmainserver pop3[6156]: badlogin: [193.33.170.11] plaintext oracle
Jul 16 03:53:55 pkmainserver pop3[6157]: badlogin: [193.33.170.11] plaintext vmail
Jul 16 04:06:30 pkmainserver pop3[6399]: badlogin: [193.33.170.11] plaintext rami
Jul 16 04:06:38 pkmainserver pop3[6400]: badlogin: [193.33.170.11] plaintext maha
Jul 16 04:06:45 pkmainserver pop3[6402]: badlogin: [193.33.170.11] plaintext ntinah
Jul 16 04:06:52 pkmainserver pop3[6403]: badlogin: [193.33.170.11] plaintext shijazi
Jul 16 04:06:58 pkmainserver pop3[6404]: badlogin: [193.33.170.11] plaintext daoud
Jul 16 04:07:03 pkmainserver pop3[6405]: badlogin: [193.33.170.11] plaintext reptegus
Jul 16 04:07:08 pkmainserver pop3[6406]: badlogin: [193.33.170.11] plaintext psagastume
Jul 16 04:07:14 pkmainserver pop3[6407]: badlogin: [193.33.170.11] plaintext ndiaz
Jul 16 04:07:20 pkmainserver pop3[6411]: badlogin: [193.33.170.11] plaintext marriaga
Jul 16 04:07:26 pkmainserver pop3[6412]: badlogin: [193.33.170.11] plaintext lreyes
Jul 16 04:07:33 pkmainserver pop3[6413]: badlogin: [193.33.170.11] plaintext lmorales
Jul 16 04:07:40 pkmainserver pop3[6414]: badlogin: [193.33.170.11] plaintext lgarcia
Jul 16 04:07:48 pkmainserver pop3[6415]: badlogin: [193.33.170.11] plaintext lcarcamo
Jul 16 04:07:52 pkmainserver pop3[6416]: badlogin: [193.33.170.11] plaintext kcantarero
Jul 16 04:07:57 pkmainserver pop3[6417]: badlogin: [193.33.170.11] plaintext jmatute
Jul 16 04:08:03 pkmainserver pop3[6418]: badlogin: [193.33.170.11] plaintext ivalladares
Jul 16 04:09:35 pkmainserver pop3[6438]: badlogin: [193.33.170.11] plaintext qmaill
Jul 16 04:09:43 pkmainserver pop3[6439]: badlogin: [193.33.170.11] plaintext spam
I also left the person's IP. Maybe you know him.
The list in the middle is much, much bigger, and sometimes the person tried 10+ times with the same login (root, as an example).
Any advice?
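As an added example (not from the post or the reply), this is the counting logic behind the "block after 5 tries" idea, run over constructed lines in the post's own log format: it parses the badlogin lines, keeps a sliding window of failures per source address, flags any address that reaches the limit, and exempts an allowlist so an admin's own mistyped password cannot lock them out. The year (syslog omits it), the window length and the 192.0.2.10 address are assumptions; the offender list is what you would hand to the firewall, and tools such as fail2ban automate this same loop against live logs.

```python
import re
from collections import defaultdict, deque
from datetime import datetime

# Matches the pop3 "badlogin" lines quoted in the post (syslog format, which
# carries no year): timestamp, host, pid, source IP and the username tried.
BADLOGIN_RE = re.compile(
    r"^(?P<ts>[A-Z][a-z]{2} {1,2}\d{1,2} \d\d:\d\d:\d\d) \S+ pop3\[\d+\]: "
    r"badlogin: \[(?P<ip>[\d.]+)\] plaintext (?P<user>\S+)"
)

def parse_badlogin(line, year=2008):
    """Return (timestamp, ip, user) for a badlogin line, else None.
    The year is assumed (syslog omits it); 2008 is only a placeholder."""
    m = BADLOGIN_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    return ts, m["ip"], m["user"]

def find_offenders(lines, max_failures=5, window_seconds=600, allowlist=()):
    """Flag every source IP that reaches max_failures bad logins within a
    sliding window of window_seconds. Returns {ip: (first_ts, count, users)}.
    Addresses in allowlist are never flagged, so a mistyped password from the
    admin's own network cannot lock the admin out."""
    recent = defaultdict(deque)   # ip -> timestamps still inside the window
    tried = defaultdict(set)      # ip -> usernames attempted
    offenders = {}
    for line in lines:
        parsed = parse_badlogin(line)
        if parsed is None:
            continue
        ts, ip, user = parsed
        if ip in allowlist or ip in offenders:
            continue              # exempt, or already blocked
        window = recent[ip]
        window.append(ts)
        tried[ip].add(user)
        # Drop failures older than the window before counting.
        while (ts - window[0]).total_seconds() > window_seconds:
            window.popleft()
        if len(window) >= max_failures:
            offenders[ip] = (window[0], len(window), sorted(tried[ip]))
    return offenders

# Constructed sample in the post's format: the address from the post hammering
# the server, one non-badlogin line (ignored) and a second address
# (documentation range) that fails only twice and must not be blocked.
SAMPLE_LOG = """\
Jul 16 03:47:02 pkmainserver pop3[6063]: badlogin: [193.33.170.11] plaintext guest
Jul 16 03:47:05 pkmainserver pop3[6064]: badlogin: [193.33.170.11] plaintext mailnull
Jul 16 03:47:09 pkmainserver pop3[6065]: badlogin: [193.33.170.11] plaintext smmsp
Jul 16 03:47:10 pkmainserver pop3[6066]: login: [192.0.2.10] alice plaintext
Jul 16 03:47:12 pkmainserver pop3[6067]: badlogin: [193.33.170.11] plaintext squid
Jul 16 03:47:16 pkmainserver pop3[6070]: badlogin: [193.33.170.11] plaintext webalizer
Jul 16 03:48:00 pkmainserver pop3[6071]: badlogin: [192.0.2.10] plaintext alice
Jul 16 03:48:30 pkmainserver pop3[6072]: badlogin: [192.0.2.10] plaintext alice
""".splitlines()

if __name__ == "__main__":
    for ip, (first, count, users) in find_offenders(SAMPLE_LOG).items():
        print(f"block {ip}: {count} failures since {first:%H:%M:%S}, tried {users}")
```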

James Spong wrote:
> make sure that all users have strong passwords with a combination of caps, lowercase, numbers and letters. This is especially important for 'core' addresses, such as root, admin, info etc.
Wait a minute. You should *never* allow remote (external) login for root. If you really must, then
set up DSA SSH keys, disallow access via password, disable use of PAM in /etc/sshd_config,
and limit root access to local IPs (i.e. IP ranges owned by your ISP, for example).
The same is true for admin.
_Do NOT send or receive email as root !!!_
As for properly securing SSH, it is better to log in as a non-admin account and then su to your admin account.
Don't use "admin" for your admin account name.
And yes, of course use strong passwords, but you want to get away from allowing SSH access via password anyway.
It's not as perfect as I'd like (couldn't edit it after the fact), but see my post about securing SSH:
http://discussions.apple.com/thread.jspa?messageID=7082312&#7082312
