Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

ftp hackbots i think i found a easy and permanent solution


  • Please log in to reply

#1
mikeloeven

mikeloeven

    Member

  • Member
  • PipPipPip
  • 305 posts
for all of you that run ftp servers i am sure you have come across that issue where some computer from china will try to log on as administrator trying random passwords till they are auto-banned. so far there are alot of methods to block them but the simplest method is to rely on the bot's own stupidity. i found that the best way to combat them is to rename the administrator account to something random and create a fake account named administrator that is not password protected but pointed to an empty directory with no permissions. all the bots so far have logged in tried to create a folder and than they disconnect themselves when permissions are denied. so instead of filing up your log files and spamming the server they now give up after one shot.
  • 0

Advertisements


#2
dsenette

dsenette

    Je suis Napoléon!

  • Administrator
  • 26,041 posts
  • MVP
that would almost work, except that they're not trying to connect to your ftp server to possibly get files (just hoping that you've got some) they're trying to get into your FTP server to establish a connection to it, which they will quickly exploit to gain access to the rest of the system
  • 0

#3
mikeloeven

mikeloeven

    Member

  • Topic Starter
  • Member
  • PipPipPip
  • 305 posts

that would almost work, except that they're not trying to connect to your ftp server to possibly get files (just hoping that you've got some) they're trying to get into your FTP server to establish a connection to it, which they will quickly exploit to gain access to the rest of the system


yeah but it works for the run of the mill personal server they are only really targeted by script kiddies looking for places to store their porn and wearz. i had mine set up like this for over a year and never had anything happen. i wouldn't recommend doing it on a corporate server. but thankfully in this day and age the REAL black hats are rather rare and normally go after bigger fish like major corporations and government sites.

but i agree the only way to truly be safe from hackers is to encrypt everything that has personal info on it. and back up your data regularly incase they damage something.

Edited by mikeloeven, 01 July 2010 - 05:02 PM.

  • 0






Similar Topics

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP