Web Hosting Forum | Lunarpages


*
Welcome, Guest. Please login or register.
Did you miss your activation email?



Login with username, password and session length
September 02, 2014, 03:51:12 PM

Pages: [1]   Go Down
  Print  
Author Topic: brute force password cracking attempts  (Read 4872 times)
Runner
Spaceship Navigator
*****
Offline Offline

Posts: 91


« on: November 12, 2008, 07:11:16 AM »

In October someone from Russia cracked one of our FTP accounts and modified several of my web pages adding malware at the bottom of the pages.  I have since reset all passwords and cleaned up the affected pages.  I have a shared hosting account (basic plan) so I don't have shell access.  Is there any way I can detect large numbers of failed password attempts and block the users or at least lock out the account after X number of failed attempts?

By the way, this was done via an FTP account so modifying the .htaccess wouldn't help.  Other than forcing users to set strong passwords, is there anything else I can do to prevent this from happening again?
Logged
perestrelka
Administrator
Master Jedi
*****
Offline Offline

Posts: 1397



« Reply #1 on: November 13, 2008, 11:41:33 PM »

Hi Runner,

First of all, this board is for dedicated server owners and questions related to security of dedicated and VPS servers. However, I'll try to reply on your questions. Unfortunately, due to the nature of the of the shared plan, you don't have access to server logs. However, we have brute force detection scripts running on shared servers which block hosts making too many failed login attempts. What is happening more frequently than successful brute force is login details theft on the client computers via a trojan horse or virus. What is recommended to prevent this from happening is strong passwords as you mentioned, regular password change and up-to-date operating system with firewall as well as up-to-date antivirus with regular scans through entire system.
Logged

Kind Regards,
Vlad Artamonov
Pages: [1]   Go Up
  Print  
 
Jump to: