--- Jack quiet_celt@yahoo.com wrote:
My internet server is being actively attacked. I now have a list of 130 addresses attempting to break into my server. Sometimes very aggressivley. ...
I forgot to mention, that somehow these attackers are using two real accounts on the machine. Perhaps one or more of the attackers was thev previous attacker. Or possibly, they got the user id from my mail server. I had a configuration that I forgot to shut off that would respond to requests for user mail accounts. That's been turned off. I may consider deleting those accounts and creating new ones.
Thanks, Brian D.
__________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com
Jack wrote:
--- Jack quiet_celt@yahoo.com wrote:
My internet server is being actively attacked. I now have a list of 130 addresses attempting to break into my server. Sometimes very aggressivley.
I would probably unplug it from the network and investigate, unless you can't take down due to loss of email...
Thanks,
J
On 4/29/05, Jack quiet_celt@yahoo.com wrote:
I forgot to mention, that somehow these attackers are using two real accounts on the machine. Perhaps one or more of the attackers was thev previous attacker. Or possibly, they got the user id from my mail server. I had a configuration that I forgot to shut off that would respond to requests for user mail accounts. That's been turned off. I may consider deleting those accounts and creating new ones.
So by "real accounts" you mean an email account on the mail server? Or are you meaning shell account? And how are they trying to "break in"? ssh? Is this box up-to-date no missed security patches? And is this box behind a firewall with mail port fowarded to it?
-
djgoku -
Jack -
Jonathan