BetaArchive Logo
Navigation Home Screenshots Image Uploader Server Info FTP Servers Wiki Forum RSS Feed Rules Please Donate
UP: 24d, 21h, 25m | CPU: 43% | MEM: 5582MB of 12227MB used
{The community for beta collectors}

Forum rules


Any off topic discussions should go in this forum. Post count is not increased by posting here.
FTP Access status is required to post in this forum. Find out how to get it


Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 8 posts ] 
Author Message
 PostPost subject: The Problems of FTP        Posted: Sun Jun 10, 2007 1:28 am 
FTP Access
Offline

Joined
Fri Nov 03, 2006 10:51 pm

Posts
164

Location
massachusetts

Favourite OS
4074
I have had an FTP server for about 3 days now that me and my friends use for exchanging small files. It seems like every 3 hours or so now, when i look in the log files, i see stuff like this:

Quote:
(000011) 6/10/2007 8:28:09 AM - (not logged in) (61.132.74.244)> 220 Welcome To Ben Mayo's FTP Server!
(000011) 6/10/2007 8:28:10 AM - (not logged in) (61.132.74.244)> USER Administrator
(000011) 6/10/2007 8:28:10 AM - (not logged in) (61.132.74.244)> 331 Password required for administrator
(000011) 6/10/2007 8:28:10 AM - (not logged in) (61.132.74.244)> PASS
(000011) 6/10/2007 8:28:10 AM - (not logged in) (61.132.74.244)> 530 Login or password incorrect!
(000011) 6/10/2007 8:28:11 AM - (not logged in) (61.132.74.244)> USER Administrator
(000011) 6/10/2007 8:28:11 AM - (not logged in) (61.132.74.244)> 331 Password required for administrator
(000011) 6/10/2007 8:28:11 AM - (not logged in) (61.132.74.244)> PASS abel
(000011) 6/10/2007 8:28:11 AM - (not logged in) (61.132.74.244)> 530 Login or password incorrect!
(000011) 6/10/2007 8:28:12 AM - (not logged in) (61.132.74.244)> USER Administrator
(000011) 6/10/2007 8:28:12 AM - (not logged in) (61.132.74.244)> 331 Password required for administrator
(000011) 6/10/2007 8:28:12 AM - (not logged in) (61.132.74.244)> PASS absolon
(000011) 6/10/2007 8:28:12 AM - (not logged in) (61.132.74.244)> 530 Login or password incorrect!
(000011) 6/10/2007 8:28:13 AM - (not logged in) (61.132.74.244)> USER Administrator
(000011) 6/10/2007 8:28:13 AM - (not logged in) (61.132.74.244)> 331 Password required for administrator
(000011) 6/10/2007 8:28:14 AM - (not logged in) (61.132.74.244)> PASS achile
(000011) 6/10/2007 8:28:14 AM - (not logged in) (61.132.74.244)> 530 Login or password incorrect!
(000011) 6/10/2007 8:28:16 AM - (not logged in) (61.132.74.244)> USER Administrator
(000011) 6/10/2007 8:28:16 AM - (not logged in) (61.132.74.244)> 331 Password required for administrator
(000011) 6/10/2007 8:28:18 AM - (not logged in) (61.132.74.244)> PASS adam


i look up the IP address every time and it always seems to come from Asia. Does anybody else who has a server ever get these? it seems the attacker is running a script to guess every password possible, and he fails miserably every time. Is this some type of DoS attack or an attempt to add warez to my computer?


Top  Profile
 PostPost subject:        Posted: Sun Jun 10, 2007 1:36 am 
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12459

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
Its an automated "hack attempt". Do you have a user called "administrator"? If not ignore it, they'll never get in.

If you're using FileZilla, activate the autobanning feature and set it to 10 incorrect attempts. It'll ban the IP after 10 bad tries. I get them all the time, they're nothing to worry about unless they're hitting a username that exists.l

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject:        Posted: Sun Jun 10, 2007 1:39 am 
FTP Access
Offline

Joined
Fri Nov 03, 2006 10:51 pm

Posts
164

Location
massachusetts

Favourite OS
4074
thanks for the help! i guess that i should have realized that i dont have an administrator account they can hack... I didn't no FileZilla had the autobanning thing either, i guess i still have a lot to learn about FTP management


Top  Profile
 PostPost subject:        Posted: Sun Jun 10, 2007 1:41 am 
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12459

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
I forgot to mention the ban hours should be 12, at least thats what I set mine to.

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject:        Posted: Sun Jun 10, 2007 1:45 am 
FTP Access
Offline

Joined
Fri Nov 03, 2006 10:51 pm

Posts
164

Location
massachusetts

Favourite OS
4074
i set mine to 24, i figure they wont do it again for that long anyway


Top  Profile
 PostPost subject:        Posted: Sun Jun 10, 2007 1:46 am 
Administrator
User avatar
Offline

Joined
Fri Aug 18, 2006 11:47 am

Posts
12459

Location
Merseyside, United Kingdom

Favourite OS
Microsoft Windows 7 Ultimate x64
benny1091 wrote:
i set mine to 24, i figure they wont do it again for that long anyway


Their program will keep trying but obviously they will be denied if the IP is blocked.

_________________
Image

BetaArchive Discord: https://discord.gg/epK3r6A


Top  Profile  WWW
 PostPost subject:        Posted: Sun Jun 10, 2007 3:47 am 
Donator
Offline

Joined
Sat Sep 30, 2006 5:00 pm

Posts
3557
I had something similar happen to me when I temporarily had a SSH server running on my main box, with a DynDNS service, of course. Some guy kept on trying to connect and log in as root, but fortunately, this account is disabled by default on OS X. :lol: I've since changed the port number used for SSH to be on the safe side (yes, I am paranoid).


Top  Profile
 PostPost subject: IIS        Posted: Sun Jun 10, 2007 4:49 am 
Donator
Offline

Joined
Tue Oct 17, 2006 8:26 pm

Posts
930
They are looking for IIS deployments with no default password (or weak common passwords)


Top  Profile
Display posts from previous:  Sort by  
Post new topic This topic is locked, you cannot edit posts or make further replies.  [ 8 posts ] 




Who is online

Users browsing this forum: Courage, Google [Bot] and 4 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum

Jump to:  

All views expressed in these forums are those of the author and do not necessarily represent the views of the BetaArchive site owner.

Powered by phpBB® Forum Software © phpBB Group

Copyright © 2006-2018

 

Sitemap | XML | RSS