The server version isn't visible anymore.
About those ssh connections, I must say I have literally millions of them in my logs. At first I tried to send e-mails here and there, but never got an answer. I learned later that they come from a big botnet class that exploits badly secured servers. Basically, it just scans for frequent accounts with default passwords (such as "john/johnpw"). Decently secured servers don't get exploited, but given the awesome number of connection attempts I found in my logs, I guess there are countless incompetent sysadmins roaming everywhere around the net.
The best way to cope with those is to move the ssh port elsewhere (it seems you did, or at least you restricted it by IP address as I couldn't find it). Personally I decided to leave it on port 22, just to have some statistics; I never bothered to put a honeypot instead. To make sure none of them manage to log in by pure chance, I put up a smoke screen:
1) root account is forbidden by ssh. It acts as if you could connect using root, accepting username and password, but invariably returns an access denied even if the password is correct. So all attempts on root are doomed from the beginning.
2) I set up a special account that is the only one that can connect from the outside and is in the wheel group (it has no other purposes, and therefore holds no data and no privilege except the wheel group). Some other accounts are accessible from the outside, but aren't in the wheel group, making them useless for a root compromise. The username of the account is secret, similar to a (weak) password, making things even more difficult for a potential attacker. So far, none of the failed connection attempts tried the correct username, except my own failed attempts.
I have no doubt that if, say, the FBI wanted to root my computer they might make their way to it (with a big "maybe" though). But otherwise it is simply not cost-effective for the standard botnet, which has anyway tons of badly-secured computers everywhere.
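One way to produce the statistics mentioned in this post and to check whether any failed attempt guessed the externally reachable username; this is an added example, not part of the original post. The log lines are constructed, and the account name `gatekeeper` and the address 192.0.2.44 are hypothetical stand-ins.

```python
import re
from collections import Counter

# Constructed sample lines in the format OpenSSH's sshd writes to the auth log.
# "gatekeeper" stands in for the secret externally reachable account (hypothetical).
SAMPLE_LOG = """\
Mar  3 04:11:02 host sshd[811]: Failed password for root from 203.0.113.5 port 40122 ssh2
Mar  3 04:11:05 host sshd[813]: Failed password for invalid user john from 203.0.113.5 port 40130 ssh2
Mar  3 04:11:09 host sshd[815]: Failed password for invalid user admin from 198.51.100.7 port 51514 ssh2
Mar  3 04:12:40 host sshd[820]: Failed password for root from 198.51.100.7 port 51600 ssh2
Mar  3 09:30:11 host sshd[902]: Failed password for gatekeeper from 192.0.2.44 port 60001 ssh2
Mar  3 09:30:20 host sshd[902]: Accepted password for gatekeeper from 192.0.2.44 port 60001 ssh2
"""

# Greedy user match: a hostile username may contain spaces or even " from ",
# so anchor on the fixed tail of the line instead of stopping at whitespace.
FAILED = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>.*) "
    r"from (?P<ip>\S+) port \d+ ssh2$"
)

def summarize(log_text, allowed_users, own_ips):
    """Tally failed logins; report any that guessed an allowed username."""
    by_user, by_ip, alerts = Counter(), Counter(), []
    for line in log_text.splitlines():
        m = FAILED.search(line.rstrip())
        if not m:
            continue  # accepted logins and unrelated lines are ignored
        user, ip = m["user"], m["ip"]
        by_user[user] += 1
        by_ip[ip] += 1
        # A valid username tried from an address that is not the admin's own
        # means the "secret" name has leaked or been guessed.
        if user in allowed_users and ip not in own_ips:
            alerts.append((user, ip))
    return by_user, by_ip, alerts

if __name__ == "__main__":
    users, ips, alerts = summarize(SAMPLE_LOG, {"gatekeeper"}, {"192.0.2.44"})
    print("top usernames:", users.most_common(3))
    print("top sources:  ", ips.most_common(3))
    print("allowed username guessed from outside:", alerts or "none")
```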