General

General support issues relating to server security.

Popular Port Numbers

Submitted by Micky on Wed, 05/02/2007 - 15:01
tag(s) :

Control Panels

      cPanel            WHM             Plesk            Helm           Ensim
   * http: 2082     * http: 2086    * https: 8443    * https:8086   * https:19638
   * https: 2083    * https: 2087   * license: 5224

Popular Packages

      Virtuozzo         Urchin
   * https: 4643     * http: 9999

Using Iptables To Block Brute Force Attacks

Submitted by Micky on Fri, 04/27/2007 - 23:14
tag(s) :

Ssh...

Example:

iptables -N SSHSCAN
iptables -A INPUT -p tcp --dport 22 -m state –state NEW -j SSHSCAN
iptables -A SSHSCAN -m recent –set –name SSH
iptables -A SSHSCAN -m recent –update –seconds 300 –hitcount 3 –name SSH -j DROP

Using PAM To Block Brute Force Attacks

Submitted by Micky on Fri, 04/27/2007 - 23:14
tag(s) :

The idea to use PAM (Pluggable Authentication Modules for Linux) to block brute force attacks sounds like a good idea, right? After all, we are using PAM for most of the authentications mechanisms, so adding a module to check against repeated failures would be great. Surprisingly even if this sounded like something normal, I found only one PAM module that was written for this purpose. This is called pam_abl.

ThePlanet's - IP Tables Monitoring Rules

Submitted by Micky on Fri, 04/27/2007 - 23:13
tag(s) :

Recommending the customer to go to that link is definitely your best bet, but if you're too lazy to click the link and login... Here goes:

Syndicate content