New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
Comments
yeah you are the kind of person who obviously isn't new to system administration
http://www.cyberciti.biz/faq/linux-iptables-drop/
the system put him into black list i know how to use iptables
I ublocked him on porpes to see...
What is the point here? I get more emails than I care to see from CSF. Why do I want to see yours also?
@MCHPhil from all alerts i get this one was flooding in attemps
You really should install CSF/LFD as cPhulk is well... shite.
http://configserver.com/free/csf/install.txt
Dropping all Chinese packets will stop 90% of your brute force attacks.
Unfortunately I would agree. I really wished that the Chinese ISP's would respond to abuse reports.
@nunim we using APF + Externel firewall we have on every server
Properly configuring CSF+LFD will keep the spam to a slight minimum. Still nice to see if an IP is blocked. Incase it was me on accident. After X attempts ban etc. CSF+LFD is very versatile. Properly configured, that is.
I get more brute force alert emails than I care for. Thats just trying to break into cPanel on a LSN ip space...
Just block it and move on. We have all encountered this at-least once.
Some ranges are scanned a lot more then others, for instance my SingleHop IPs are hit more often then any other VPS I have. CSF/LFD really does a great job.
I'm still working on setting up a LFD cluster, I feel this will help take the load off infrastructure quite a bit, just seems to be a pain with a few /24's.
I'm trying to decide if I should do clustering per node or per /24 as ranges are usually scanned consecutively.
Seems to be doing a poor job if you're getting that many emails about the same IP.
@nunim Read my comment http://lowendtalk.com/discussion/comment/534654/#Comment_534654
Well, my wordpress used to have a failed login attempt about 2000times/day.
Do you know CSF is?
I remember the first time I saw these emails, I freaked!
It's trivial nowadays. What's a day without these like? Couldn't tell you myself! lol