1. Contracting
    1. General
      1. Brexit
    2. Business / Contracts
      1. Coronavirus Assistance
    3. Accounting / Legal
      1. Umbrella Companies
      2. HMRC Scheme Enquiries
      3. The Future of Contracting
      4. IR35 Reform
    4. Technical
    5. Welcome / FAQs
  2. Social
    1. Light Relief
    2. Social / Events
  • Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

Those of you responsible running commercial websites

Collapse
X
11 to 17 of 17 Previous 1 2 template Next
Collapse
Reply to Thread
  •  
  • Filter
  • Time
  • Show
Clear All
new posts
11 to 17 of 17 Previous 1 2 template Next
    #11
    Originally posted by stek View Post
    Somebody exploited an ntp hole on the aLom on my colo'd box, turned out I was the relay of a fair amount of havoc!
    I think if they target you , there's nothing you can do . If they see they can milk you , or you upset them enough (visa, Sony etc)
    Hasn't happened to me though

    Comment

      #12
      Originally posted by diseasex View Post
      I think if they target you , there's nothing you can do . If they see they can milk you , or you upset them enough (visa, Sony etc)
      Hasn't happened to me though
      Just a port scanner found an unpatched hole - and Ddos'd from it, fixed a sec as soon as they told me.

      Comment

        #13
        Originally posted by meridian View Post
        I have no idea what you just wrote.
        ntp = Network Time Protocol

        aLom = Advanced Lights Out Management (i.e. remote access/power card running Linux Busybox)

        Colo = Colocation - my box, their DC.

        Simples!

        Comment

          #14
          Thanks chaps.

          The system runs on Azure Web Sites (PaaS) so less worries about ports, security updates etc.

          Comment

            #15
            Originally posted by stek View Post
            Check your server authlog and be amazed at the number of bots on Chinese IP's trying to guess the root password......
            Which is why I run sshd on a non-standard port, as well as use group permissions to restrict logins. It still gets attacked, but then fail2ban adds their IP to the firewall.

            Comment

              #16
              Originally posted by Contreras View Post
              Which is why I run sshd on a non-standard port, as well as use group permissions to restrict logins. It still gets attacked, but then fail2ban adds their IP to the firewall.
              Me too...

              Comment

                #17
                If you are running a Wordpress site always make sure you have the Sucuri plugin and iThemes Security (formerly Better WP Security) plugins

                This allows you to block most automated bots from trying to hack sites

                Comment

                Reply to Thread
                11 to 17 of 17 Previous 1 2 template Next

                Advertisers

                1. Contracting
                  1. General
                    1. Brexit
                  2. Business / Contracts
                    1. Coronavirus Assistance
                  3. Accounting / Legal
                    1. Umbrella Companies
                    2. HMRC Scheme Enquiries
                    3. The Future of Contracting
                    4. IR35 Reform
                  4. Technical
                  5. Welcome / FAQs
                2. Social
                  1. Light Relief
                  2. Social / Events
                Working...
                X