To whoever hacked into my Database

Ferrous Cranus nikos.gr33k at gmail.com
Thu Nov 14 14:24:32 CET 2013


Στις 14/11/2013 2:32 μμ, ο/η Alister έγραψε:
> On Thu, 14 Nov 2013 12:46:29 +0200, Ferrous Cranus wrote:
>>> This must have happened when i was handling my root passwords out in
>>> the open.
>>>
>>> Served me well.
>>
> At least you seem to be learning this lesson
>>
>>
>> Can somebody explain to me why there is so many failed attempts to login
>> into my linux server under various user accounts?
>>
>> http://i.imgur.com/5PaZAWu.png
>>
>> I mean is this some normal background radiation of the Internet or is
>> something directed to me?
>>
>> Does this happen on your servers at this extend too?
>
> any open ports on the internet are likely to attract attention of the
> 'Black Hats'
> this is why you have been advised to check your firewall settings
> you should only expose the ports that are absolutely necessary
>
> for a web server these would be 80 & 443
>
> currently you have many other services also open that probably should not
> be.
> if you check the logs for those services you will probably find even more
> login attempts (I hope they have failed)


Yes i have more ports open as 'nmap' reports but don't forget that i'm 
running cPanel for my customers, hence more ports need to be opened for 
cPanel and WHM use, let alone mail and sshd.

But the response wasn't clear to me.
Ia this randomly normal background Internet radiation or some personal 
directed attacks?





More information about the Python-list mailing list