Search results

  1.

    Serious Direct Admin Security Concerns + UDP Attack Script Installed

    Hey, I didn't say I blamed DA that a WHMCS script was to blame. Where did I say I blamed DA? I said, if you read my message from start to finish, that DA was insecure and it is, different story for another time. I said the guy logged into my phpMyAdmin and grabbed the password and username. I did...
  2.

    Serious Direct Admin Security Concerns + UDP Attack Script Installed

    I'm not going to get into a pissing match here, but do you think a reseller can get server stats? WHMCS displays server stats on every server in your network displayed on the front page. Doubt they would let resellers gather this info.
  3.

    Upgrade Exim 4.69 -> 4.77 Fails Freebsd cyrus-sasl2 stop error.

    Trying to upgrade using custombuild but it poofs out. Then I try to install cyrus-sasl2 but that dies on me too. Any ideas? # /usr/ports/security/cyrus-sasl2 > make install clean ===> Building for cyrus-sasl-2.1.25_1 make all-recursive Making all in include Making all in sasldb ar cru...
  4.

    Brute Force Monitor doesn't work

    You probably made an error somewhere. Why don't you reverse what you did to find out if in fact there is a misconfig somewhere. Reverse it then load it. Does it still time out?
  5.

    Serious Direct Admin Security Concerns + UDP Attack Script Installed

    WHMCS requires the username and password of the admin to DA. This is the requirement if you want to gather account stats and/or you want to use it to deploy system accounts at signup. I did not design WHMCS but that seems to be the only solution, don't you think? Modernbill is the same. When...
  6.

    Serious Direct Admin Security Concerns + UDP Attack Script Installed

    Ye, but do you want your attacker to know that your SSH port is 4455 instead of 22? And that the allowed users are Admin and Root? Why should you be giving out this info?
  7.

    My servers ips keep getting added to the blacklist

    I guess I'm getting too many brute force hits right now, but why is it my server IP is getting that the blacklist??
  8.

    Serious Direct Admin Security Concerns + UDP Attack Script Installed

    Here is the thing, if you log into WHMCS as the admin you can log straight into Direct Admin with the push of the button!!!! Very dangerous option. I suspect that this guy did exactly that and that is how he got into my DA account. The other thing he could have done was create a new row in the...
  9.

    Serious Direct Admin Security Concerns + UDP Attack Script Installed

    Talking about security, I think the option in DA FILE EDITOR is a very dangerous option. Now anyone who takes access of your DA login can do anything and view anything here. Options like being able to edit sshd_config at the very least should be password protected. Just the same as the option...
  10.

    My servers ips keep getting added to the blacklist

    Ever since I upgraded to 1.4.x and turned on Brute Force my server's IP address keeps getting added to the blacklist. I have to log in daily to remove it. Any solution to this?
  11.

    [HOWTO] FreeBSD 7.x 8.x + IPFW + Brute Force Monitor + block_ip.sh

    Ye, ran fail2ban on another box once and I got so sick of it I disabled it. It drove me nuts.
  12.

    [HOWTO] FreeBSD 7.x 8.x + IPFW + Brute Force Monitor + block_ip.sh

    Exactly, I am being hit by a few IPs. Since I closed a hacked UDP script they installed, they have been hitting my box, but that IP is not listed as an IP that DA said is brute forcing the box. I wonder why.
  13.

    [HOWTO] FreeBSD 7.x 8.x + IPFW + Brute Force Monitor + block_ip.sh

    1.3 I think it is. Does it make a difference?
  14.

    [HOWTO] FreeBSD 7.x 8.x + IPFW + Brute Force Monitor + block_ip.sh

    MMX, I was wondering if you could comment on these fin_wait2 states. The issue with this setup though is that when "limit" is used and there is a dynamic rule for the traffic, lots of connections build up in the FIN_WAIT_2 state. I have recently seen numbers in the upper hundreds and they stay...
  15.

    [HOWTO] FreeBSD 7.x 8.x + IPFW + Brute Force Monitor + block_ip.sh

    Works a treat and thanks a lot if nobody else has said it. I implemented this with FreeBSD 6.2. Used these rules as well and it all seems a go.
  16.

    Serious Direct Admin Security Concerns + UDP Attack Script Installed

    The problem is the brute force on port 110 which you can't really stop otherwise nobody and pop3. But I turned off dovecot monitoring and stopped dovecot for about 2 hrs. During that time I blocked the IP. Then I turned it back on and it's good to go until I see another one. Repeat process.
  17.

    Serious Direct Admin Security Concerns + UDP Attack Script Installed

    FreeBSD does not support iptables to my knowledge.
  18.

    Serious Direct Admin Security Concerns + UDP Attack Script Installed

    I've had to turn off dovecot. After 4,000 brute force attempts using various email accounts I've had to turn off access to port 110. I guess these jackasses didn't like the fact that they got locked out. Now they are attacking my box via pop3.