Sponsor:

Server and Web Integrator
Link:
Kloxo-MR logo
6.5.0 or 7.0.0
Click for "How to install"
Donation/Sponsorship:
Kloxo-MR is open-source.
Donate and or Sponsorship always welcome.
Click to:
Click Here
Please login or register. 2024-04-29, 10:46:13
« previous next »
Pages: [1]   Go Down

Author Topic: how to secure Kloxo-MR ?  (Read 3346 times)

0 Members and 1 Guest are viewing this topic.

Offline weenleen

  • Junior Member
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
how to secure Kloxo-MR ?
« on: 2014-12-28, 08:31:43 »
Checking my log , I see that I am Getting lot of ftp brute force attack .  sometimes my vps provider null route because of DDos attacks.  I am new to vps managing. I want to know how to secure my vps.



is this a targeted attack ?  I see the attacker is trying to use my domain.com as username
Code: [Select]

Dec 28 06:55:34 vps xinetd[7523]: EXIT: ftp status=0 pid=26036 duration=6(sec)
Dec 28 06:55:36 vps xinetd[7523]: START: ftp pid=26038 from=::ffff:175.44.5.91
Dec 28 06:55:36 vps pure-ftpd: (?@175.44.5.91) [INFO] New connection from 175.44.5.91
Dec 28 06:55:40 vps pure-ftpd: (?@175.44.5.91) [WARNING] Authentication failed for user [admin_com]
Dec 28 06:55:41 vps pure-ftpd: (?@175.44.5.91) [INFO] Logout.
Dec 28 06:55:41 vps xinetd[7523]: EXIT: ftp status=0 pid=26038 duration=5(sec)
Dec 28 06:55:41 vps xinetd[7523]: START: ftp pid=26040 from=::ffff:175.44.5.91
Dec 28 06:55:41 vps pure-ftpd: (?@175.44.5.91) [INFO] New connection from 175.44.5.91
Dec 28 06:55:46 vps pure-ftpd: (?@175.44.5.91) [WARNING] Authentication failed for user [root_com]
Dec 28 06:55:46 vps pure-ftpd: (?@175.44.5.91) [INFO] Logout.
Dec 28 06:55:46 vps xinetd[7523]: EXIT: ftp status=0 pid=26040 duration=5(sec)
Dec 28 06:55:47 vps xinetd[7523]: START: ftp pid=26042 from=::ffff:175.44.5.91
Dec 28 06:55:47 vps pure-ftpd: (?@175.44.5.91) [INFO] New connection from 175.44.5.91
Dec 28 06:55:52 vps pure-ftpd: (?@175.44.5.91) [WARNING] Authentication failed for user [www.domain.org]
Dec 28 06:55:52 vps pure-ftpd: (?@175.44.5.91) [INFO] Logout.
Dec 28 06:55:52 vps xinetd[7523]: EXIT: ftp status=0 pid=26042 duration=5(sec)
Dec 28 06:55:53 vps xinetd[7523]: START: ftp pid=26044 from=::ffff:175.44.5.91
Dec 28 06:55:53 vps pure-ftpd: (?@175.44.5.91) [INFO] New connection from 175.44.5.91
Dec 28 06:55:58 vps pure-ftpd: (?@175.44.5.91) [WARNING] Authentication failed for user [domai,.com]
Dec 28 06:55:58 vps pure-ftpd: (?@175.44.5.91) [INFO] Logout.
Dec 28 06:55:58 vps xinetd[7523]: EXIT: ftp status=0 pid=26044 duration=5(sec)
Dec 28 06:56:00 vps xinetd[7523]: START: ftp pid=26047 from=::ffff:175.44.5.91
Dec 28 06:56:00 vps pure-ftpd: (?@175.44.5.91) [INFO] New connection from 175.44.5.91
Dec 28 06:56:05 vps pure-ftpd: (?@175.44.5.91) [WARNING] Authentication failed for user [domainorg]
Dec 28 06:56:05 vps pure-ftpd: (?@175.44.5.91) [INFO] Logout.
Dec 28 06:56:05 vps xinetd[7523]: EXIT: ftp status=0 pid=26047 duration=5(sec)
Dec 28 06:56:16 vps xinetd[7523]: START: ftp pid=26049 from=::ffff:175.44.5.91
Dec 28 06:56:16 vps pure-ftpd: (?@175.44.5.91) [INFO] New connection from 175.44.5.91
Dec 28 06:56:21 vps pure-ftpd: (?@175.44.5.91) [WARNING] Authentication failed for user [admin]
Dec 28 06:56:21 vps pure-ftpd: (?@175.44.5.91) [INFO] Logout.
Dec 28 06:56:21 vps xinetd[7523]: EXIT: ftp status=0 pid=26049 duration=5(sec)
Dec 28 06:56:22 vps xinetd[7523]: START: ftp pid=26051 from=::ffff:175.44.5.91
Dec 28 06:56:22 vps pure-ftpd: (?@175.44.5.91) [INFO] New connection from 175.44.5.91
Dec 28 06:56:28 vps pure-ftpd: (?@175.44.5.91) [WARNING] Authentication failed for user [root]
Dec 28 06:56:28 vps pure-ftpd: (?@175.44.5.91) [INFO] Logout.
Dec 28 06:56:28 vps xinetd[7523]: EXIT: ftp status=0 pid=26051 duration=6(sec)
Dec 28 06:56:28 vps xinetd[7523]: START: ftp pid=26053 from=::ffff:175.44.5.91
Dec 28 06:56:28 vps pure-ftpd: (?@175.44.5.91) [INFO] New connection from 175.44.5.91
Dec 28 06:56:35 vps pure-ftpd: (?@175.44.5.91) [WARNING] Authentication failed for user [domain_org]
Dec 28 06:56:35 vps pure-ftpd: (?@175.44.5.91) [INFO] Logout.
Dec 28 06:56:35 vps xinetd[7523]: EXIT: ftp status=0 pid=26053 duration=7(sec)
Dec 28 06:56:35 vps xinetd[7523]: START: ftp pid=26056 from=::ffff:175.44.5.91
Dec 28 06:56:35 vps pure-ftpd: (?@175.44.5.91) [INFO] New connection from 175.44.5.91
Dec 28 06:56:39 vps pure-ftpd: (?@175.44.5.91) [WARNING] Authentication failed for user [admin_org]
Dec 28 06:56:39 vps pure-ftpd: (?@175.44.5.91) [INFO] Logout.
Dec 28 06:56:39 vps xinetd[7523]: EXIT: ftp status=0 pid=26056 duration=4(sec)
Dec 28 06:56:47 vps xinetd[7523]: START: ftp pid=26058 from=::ffff:175.44.5.91
Dec 28 06:56:47 vps pure-ftpd: (?@175.44.5.91) [INFO] New connection from 175.44.5.91
Dec 28 06:56:51 vps pure-ftpd: (?@175.44.5.91) [WARNING] Authentication failed for user [root_org]
Dec 28 06:56:51 vps pure-ftpd: (?@175.44.5.91) [INFO] Logout.
Dec 28 06:56:51 vps xinetd[7523]: EXIT: ftp status=0 pid=26058 duration=4(sec)
Dec 28 06:56:51 vps xinetd[7523]: START: ftp pid=26060 from=::ffff:175.44.5.91
Dec 28 06:56:52 vps pure-ftpd: (?@175.44.5.91) [INFO] New connection from 175.44.5.91
Dec 28 06:56:56 vps pure-ftpd: (?@175.44.5.91) [WARNING] Authentication failed for user [adomain_com]
Dec 28 06:56:57 vps pure-ftpd: (?@175.44.5.91) [INFO] Logout.
Dec 28 06:56:57 vps xinetd[7523]: EXIT: ftp status=0 pid=26060 duration=6(sec)
Dec 28 13:45:20 vps xinetd[7523]: Exiting...

 I keep getting attacks from different IP not just the one listed in the log

how do I change default pureftp port ?

does LxGuard protect ftp, ssh, too, or only the admin login http://1.2.3.4/7777 ??

why IPtables states is always  "stopped" 


even when I click start it doesn't change.


Logged

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,807
  • Karma: +119/-11
  • Gender: Male
    • View Profile
    • MRatWork Forum
Re: how to secure Kloxo-MR ?
« Reply #1 on: 2014-12-28, 09:04:47 »
LxGuard protect for ssh and ftp. By default, Kloxo-MR set iptables off.
Logged
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline weenleen

  • Junior Member
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Re: how to secure Kloxo-MR ?
« Reply #2 on: 2014-12-28, 09:56:13 »
ok so how to change default ftp port in kloxo?

and how to white list these IP anges in LxGuard  ??
31.77.112.0/21
31.87.128.0/19
71.92.0.0/17
31.137.0.0/16
51.140.0.0/14
01.205.192.0/19
71.214.128.0/17
91.216.224.0/22
11.248.0.0/14
etc ....

does Lxguard accept cidr, or wildcard ?
Logged

Offline weenleen

  • Junior Member
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Re: how to secure Kloxo-MR ?
« Reply #3 on: 2014-12-28, 10:05:16 »
 Lxguard doesn't protect ftp, because I set max Wrong Attempts to 5.
but I can see in the above log there is more than 10 wrong attempt from the same IP !!.

Logged

Offline weenleen

  • Junior Member
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Re: how to secure Kloxo-MR ?
« Reply #4 on: 2014-12-29, 10:01:57 »
Attacks still running for days continuously , Lxgurad doesn't do anything it doesn't protect SSH or ftp and it doesn't even protect the admin login http://12.34.56.78:7777
even when max wrong attempt is enabled.

How do I remove Lxgurad and enable Iptables?

Code: [Select]

s pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:31:26 vps xinetd[27448]: EXIT: ftp status=0 pid=14497 duration=5(sec)
Dec 29 09:31:31 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:31:31 vps xinetd[27448]: START: ftp pid=14501 from=::ffff:192.99.8.99
Dec 29 09:31:31 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:31:31 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:31:31 vps xinetd[27448]: EXIT: ftp status=0 pid=14499 duration=5(sec)
Dec 29 09:31:36 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:31:37 vps xinetd[27448]: START: ftp pid=14503 from=::ffff:192.99.8.99
Dec 29 09:31:37 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:31:37 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:31:37 vps xinetd[27448]: EXIT: ftp status=0 pid=14501 duration=6(sec)
Dec 29 09:31:42 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:31:44 vps xinetd[27448]: START: ftp pid=14505 from=::ffff:192.99.8.99
Dec 29 09:31:44 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:31:44 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:31:44 vps xinetd[27448]: EXIT: ftp status=0 pid=14503 duration=7(sec)
Dec 29 09:31:48 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:31:48 vps xinetd[27448]: START: ftp pid=14509 from=::ffff:192.99.8.99
Dec 29 09:31:48 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:31:49 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:31:49 vps xinetd[27448]: EXIT: ftp status=0 pid=14505 duration=5(sec)
Dec 29 09:31:52 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:31:52 vps xinetd[27448]: START: ftp pid=14511 from=::ffff:192.99.8.99
Dec 29 09:31:52 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:31:52 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:31:52 vps xinetd[27448]: EXIT: ftp status=0 pid=14509 duration=4(sec)
Dec 29 09:31:58 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:31:58 vps xinetd[27448]: START: ftp pid=14513 from=::ffff:192.99.8.99
Dec 29 09:31:58 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:31:58 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:31:58 vps xinetd[27448]: EXIT: ftp status=0 pid=14511 duration=6(sec)
Dec 29 09:32:02 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:32:03 vps xinetd[27448]: START: ftp pid=14515 from=::ffff:192.99.8.99
Dec 29 09:32:03 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:32:03 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:32:03 vps xinetd[27448]: EXIT: ftp status=0 pid=14513 duration=5(sec)
Dec 29 09:32:07 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:32:10 vps xinetd[27448]: START: ftp pid=14517 from=::ffff:192.99.8.99
Dec 29 09:32:10 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:32:11 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:32:11 vps xinetd[27448]: EXIT: ftp status=0 pid=14515 duration=8(sec)
Dec 29 09:32:15 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:32:15 vps xinetd[27448]: START: ftp pid=14519 from=::ffff:192.99.8.99
Dec 29 09:32:15 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:32:16 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:32:16 vps xinetd[27448]: EXIT: ftp status=0 pid=14517 duration=6(sec)
Dec 29 09:32:21 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:32:22 vps xinetd[27448]: START: ftp pid=14521 from=::ffff:192.99.8.99
Dec 29 09:32:22 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:32:22 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:32:22 vps xinetd[27448]: EXIT: ftp status=0 pid=14519 duration=7(sec)
Dec 29 09:32:27 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:32:27 vps xinetd[27448]: START: ftp pid=14523 from=::ffff:192.99.8.99
Dec 29 09:32:27 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:32:27 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:32:27 vps xinetd[27448]: EXIT: ftp status=0 pid=14521 duration=5(sec)
Dec 29 09:32:30 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:32:31 vps xinetd[27448]: START: ftp pid=14525 from=::ffff:192.99.8.99
Dec 29 09:32:31 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:32:31 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:32:31 vps xinetd[27448]: EXIT: ftp status=0 pid=14523 duration=4(sec)
Dec 29 09:32:36 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:32:36 vps xinetd[27448]: START: ftp pid=14527 from=::ffff:192.99.8.99
Dec 29 09:32:37 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:32:37 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:32:37 vps xinetd[27448]: EXIT: ftp status=0 pid=14525 duration=6(sec)
Dec 29 09:32:41 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:32:41 vps xinetd[27448]: START: ftp pid=14529 from=::ffff:192.99.8.99
Dec 29 09:32:41 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:32:41 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:32:41 vps xinetd[27448]: EXIT: ftp status=0 pid=14527 duration=5(sec)
Dec 29 09:32:45 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:32:45 vps xinetd[27448]: START: ftp pid=14531 from=::ffff:192.99.8.99
Dec 29 09:32:45 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:32:45 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:32:45 vps xinetd[27448]: EXIT: ftp status=0 pid=14529 duration=4(sec)
Dec 29 09:32:50 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:32:50 vps xinetd[27448]: START: ftp pid=14533 from=::ffff:192.99.8.99
Dec 29 09:32:50 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:32:51 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:32:51 vps xinetd[27448]: EXIT: ftp status=0 pid=14531 duration=6(sec)
Dec 29 09:32:56 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:32:56 vps xinetd[27448]: START: ftp pid=14535 from=::ffff:192.99.8.99
Dec 29 09:32:56 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:32:56 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:32:56 vps xinetd[27448]: EXIT: ftp status=0 pid=14533 duration=6(sec)
Dec 29 09:33:01 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:33:01 vps xinetd[27448]: START: ftp pid=14537 from=::ffff:192.99.8.99
Dec 29 09:33:02 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:33:02 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:33:02 vps xinetd[27448]: EXIT: ftp status=0 pid=14535 duration=6(sec)
Dec 29 09:33:05 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:33:06 vps xinetd[27448]: START: ftp pid=14539 from=::ffff:192.99.8.99
Dec 29 09:33:06 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:33:06 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:33:06 vps xinetd[27448]: EXIT: ftp status=0 pid=14537 duration=5(sec)
Dec 29 09:33:09 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:33:09 vps xinetd[27448]: START: ftp pid=14541 from=::ffff:192.99.8.99
Dec 29 09:33:09 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:33:09 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:33:09 vps xinetd[27448]: EXIT: ftp status=0 pid=14539 duration=3(sec)
Dec 29 09:33:14 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:33:14 vps xinetd[27448]: START: ftp pid=14543 from=::ffff:192.99.8.99
Dec 29 09:33:14 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:33:14 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:33:14 vps xinetd[27448]: EXIT: ftp status=0 pid=14541 duration=5(sec)
Dec 29 09:33:18 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:33:18 vps xinetd[27448]: START: ftp pid=14545 from=::ffff:192.99.8.99
Dec 29 09:33:18 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:33:18 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:33:18 vps xinetd[27448]: EXIT: ftp status=0 pid=14543 duration=4(sec)
Dec 29 09:33:22 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:33:22 vps xinetd[27448]: START: ftp pid=14547 from=::ffff:192.99.8.99
Dec 29 09:33:22 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:33:22 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:33:22 vps xinetd[27448]: EXIT: ftp status=0 pid=14545 duration=4(sec)
Dec 29 09:33:28 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:33:28 vps xinetd[27448]: START: ftp pid=14549 from=::ffff:192.99.8.99
Dec 29 09:33:28 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:33:28 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:33:28 vps xinetd[27448]: EXIT: ftp status=0 pid=14547 duration=6(sec)
Dec 29 09:33:33 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:33:34 vps xinetd[27448]: START: ftp pid=14554 from=::ffff:192.99.8.99
Dec 29 09:33:34 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:33:34 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:33:34 vps xinetd[27448]: EXIT: ftp status=0 pid=14549 duration=6(sec)
Dec 29 09:33:38 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:33:39 vps xinetd[27448]: START: ftp pid=14556 from=::ffff:192.99.8.99
Dec 29 09:33:39 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:33:39 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:33:39 vps xinetd[27448]: EXIT: ftp status=0 pid=14554 duration=5(sec)
Dec 29 09:33:44 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:33:45 vps xinetd[27448]: START: ftp pid=14559 from=::ffff:192.99.8.99
Dec 29 09:33:45 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:33:45 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:33:45 vps xinetd[27448]: EXIT: ftp status=0 pid=14556 duration=6(sec)
Dec 29 09:33:50 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:33:53 vps xinetd[27448]: START: ftp pid=14561 from=::ffff:192.99.8.99
Dec 29 09:33:53 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:33:54 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:33:54 vps xinetd[27448]: EXIT: ftp status=0 pid=14559 duration=9(sec)
Dec 29 09:33:57 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:33:57 vps xinetd[27448]: START: ftp pid=14563 from=::ffff:192.99.8.99
Dec 29 09:33:57 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:33:57 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:33:57 vps xinetd[27448]: EXIT: ftp status=0 pid=14561 duration=4(sec)
Dec 29 09:34:01 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:34:04 vps xinetd[27448]: START: ftp pid=14566 from=::ffff:192.99.8.99
Dec 29 09:34:04 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:34:04 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:34:04 vps xinetd[27448]: EXIT: ftp status=0 pid=14563 duration=7(sec)
Dec 29 09:34:09 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:34:09 vps xinetd[27448]: START: ftp pid=14569 from=::ffff:192.99.8.99
Dec 29 09:34:09 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:34:09 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:34:09 vps xinetd[27448]: EXIT: ftp status=0 pid=14566 duration=5(sec)
Dec 29 09:34:13 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:34:13 vps xinetd[27448]: START: ftp pid=14571 from=::ffff:192.99.8.99
Dec 29 09:34:13 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:34:13 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:34:13 vps xinetd[27448]: EXIT: ftp status=0 pid=14569 duration=4(sec)
Dec 29 09:34:17 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:34:17 vps xinetd[27448]: START: ftp pid=14573 from=::ffff:192.99.8.99
Dec 29 09:34:17 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:34:17 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:34:17 vps xinetd[27448]: EXIT: ftp status=0 pid=14571 duration=4(sec)
Dec 29 09:34:23 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:34:23 vps xinetd[27448]: START: ftp pid=14578 from=::ffff:192.99.8.99
Dec 29 09:34:23 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:34:23 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:34:23 vps xinetd[27448]: EXIT: ftp status=0 pid=14573 duration=6(sec)
Dec 29 09:34:29 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:34:29 vps xinetd[27448]: START: ftp pid=14580 from=::ffff:192.99.8.99
Dec 29 09:34:29 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:34:29 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:34:29 vps xinetd[27448]: EXIT: ftp status=0 pid=14578 duration=6(sec)
Dec 29 09:34:32 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:34:32 vps xinetd[27448]: START: ftp pid=14582 from=::ffff:192.99.8.99
Dec 29 09:34:32 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:34:32 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:34:32 vps xinetd[27448]: EXIT: ftp status=0 pid=14580 duration=3(sec)
Dec 29 09:34:37 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:34:37 vps xinetd[27448]: START: ftp pid=14584 from=::ffff:192.99.8.99
Dec 29 09:34:37 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:34:37 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:34:37 vps xinetd[27448]: EXIT: ftp status=0 pid=14582 duration=5(sec)
Dec 29 09:34:41 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:34:42 vps xinetd[27448]: START: ftp pid=14587 from=::ffff:192.99.8.99
Dec 29 09:34:42 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:34:42 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:34:42 vps xinetd[27448]: EXIT: ftp status=0 pid=14584 duration=5(sec)
Dec 29 09:34:47 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:34:47 vps xinetd[27448]: START: ftp pid=14590 from=::ffff:192.99.8.99
Dec 29 09:34:47 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:34:47 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:34:47 vps xinetd[27448]: EXIT: ftp status=0 pid=14587 duration=5(sec)
Dec 29 09:34:53 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:34:53 vps xinetd[27448]: START: ftp pid=14592 from=::ffff:192.99.8.99
Dec 29 09:34:53 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:34:53 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
Dec 29 09:34:53 vps xinetd[27448]: EXIT: ftp status=0 pid=14590 duration=6(sec)
Dec 29 09:34:58 vps pure-ftpd: (?@192.99.8.99) [WARNING] Authentication failed for user [domain]
Dec 29 09:34:58 vps xinetd[27448]: START: ftp pid=14596 from=::ffff:192.99.8.99
Dec 29 09:34:58 vps pure-ftpd: (?@192.99.8.99) [INFO] New connection from 192.99.8.99
Dec 29 09:34:58 vps pure-ftpd: (?@192.99.8.99) [INFO] Logout.
....
[log omitted ......]

 
Logged

Offline MRatWork

  • Administrator
  • The Elite
  • *****
  • Posts: 15,807
  • Karma: +119/-11
  • Gender: Male
    • View Profile
    • MRatWork Forum
Re: how to secure Kloxo-MR ?
« Reply #5 on: 2014-12-29, 20:21:15 »
LxGuard must always on but no problem for install/setup iptables for this purpose.
Logged
..:: MRatWork (Mustafa Ramadhan Projects) ::..
-- Server/Web-integrator - Web Hosting (Kloxo-MR READY!) --

Offline weenleen

  • Junior Member
  • *
  • Posts: 20
  • Karma: +0/-0
    • View Profile
Re: how to secure Kloxo-MR ?
« Reply #6 on: 2014-12-29, 21:19:24 »
also I have changed pure ftp default port 21 to 34345, but I can still see log in using port. 21  , the 34345 port doesn't work.
Logged
Pages: [1]   Go Up
« previous next »
 


Top 4 Global Search Engines:    Google    Bing    Baidu    Yahoo
Click Here

Page created in 0.029 seconds with 18 queries.

web stats analysis