Search Results

Search found 5084 results on 204 pages for 'brute force'.

Page 1/204 | 1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >

  • Most common account names used in ssh brute force attacks

    - by Charles Stewart
    Does anyone maintain lists of the most frequently guessed account names that are used by attackers brute-forcing ssh? For your amusement, from my main server's logs over the last month (43 313 failed ssh attempts), with root not getting as far as sshd: cas@txtproof:~$ grep -e sshd /var/log/auth* | awk ' { print $8 }' | sort | uniq -c | sort | tail -n 13 32 administrator 32 stephen 34 administration 34 sales 34 user 35 matt 35 postgres 38 mysql 42 oracle 44 guest 86 test 90 admin 16513 checking

    Read the article

  • Preventing brute force attacks against ssh?

    - by grieve
    What tool or technique do you use to prevent brute force attacks against your ssh port. I noticed in my Security logs, that I have millions of attempts to login as various users through ssh. This is on a FreeBSD box, but I imagine it would be applicable anywhere.

    Read the article

  • I am getting brute forced, what do I do

    - by Saif Bechan
    I am getting brute forced to my email server, IMAP and POP3. I have the full package of ASL installed but it just sends me the OSSEC logs. How can I ban the IP. I thought ASL automatically blocked these attacks after a few wrong tries. How can I do that.

    Read the article

  • Windows Server 2003 W3SVC Failing, Brute Force attack possibly the cause

    - by Roaders
    This week my website has disappeared twice for no apparent reason. I logged onto my server (Windows Server 2003 Service Pack 2) and restarted the World Web Publishing service, website still down. I tried restarting a few other services like DNS and Cold Fusion and the website was still down. In the end I restarted the server and the website reappeared. Last night the website went down again. This time I logged on and looked at the event log. SCARY STUFF! There were hundreds of these: Event Type: Information Event Source: TermService Event Category: None Event ID: 1012 Date: 30/01/2012 Time: 15:25:12 User: N/A Computer: SERVER51338 Description: Remote session from client name a exceeded the maximum allowed failed logon attempts. The session was forcibly terminated. At a frequency of around 3 -5 a minute. At about the time my website died there was one of these: Event Type: Information Event Source: W3SVC Event Category: None Event ID: 1074 Date: 30/01/2012 Time: 19:36:14 User: N/A Computer: SERVER51338 Description: A worker process with process id of '6308' serving application pool 'DefaultAppPool' has requested a recycle because the worker process reached its allowed processing time limit. Which is obviously what killed the web service. There were then a few of these: Event Type: Error Event Source: TermDD Event Category: None Event ID: 50 Date: 30/01/2012 Time: 20:32:51 User: N/A Computer: SERVER51338 Description: The RDP protocol component "DATA ENCRYPTION" detected an error in the protocol stream and has disconnected the client. Data: 0000: 00 00 04 00 02 00 52 00 ......R. 0008: 00 00 00 00 32 00 0a c0 ....2..À 0010: 00 00 00 00 32 00 0a c0 ....2..À 0018: 00 00 00 00 00 00 00 00 ........ 0020: 00 00 00 00 00 00 00 00 ........ 0028: 92 01 00 00 ... With no more of the first error type. I am concerned that someone is trying to brute force their way into my server. I have disabled all the accounts apart from the IIS ones and Administrator (which I have renamed). I have also changed the password to an even more secure one. I don't know why this brute force attack caused the webservice to stop and I don't know why restarting the service didn't fix the problem. What should I do to make sure my server is secure and what should I do to make sure the webserver doesn't go down any more? Thanks.

    Read the article

  • How to brute force keepass with certain letters and characters

    - by bobbyq
    I forgot my password to keepass but I know pretty much what letters and the order they go in, but I'm not sure if I put anything before or after my "main" password or capitalized anything. I tried every combo I could think of but I still can't get in (invalid/wrong key error). I also enabled use master password and key file(on my flash drive). My question is is there a way to brute force keepass with only certain letters and characters in order? An example of the password would be userab12c3d45 sometimes with quotes or underscores at the beginning and end. Or Is there a word list generator that will do this?

    Read the article

  • Suspected brute force attack

    - by HarveySaayman
    Recently I acquired a dedicated server from a local ISP to play around with. As the tags suggest, its a windows server 2008 R2 machine. I've only had it for a few days, and no real traffic is going to it yet. I haven't even deployed a "real" website to it yet. Just a silly page so that I could check IIS, my host headers, DNS records, etc are all configured correctly. While playing around, I noticed a ton of Audit Failure entries in the event viewers security logs. It seems something is trying to access the administrator account, and failing. It smells like a brute force attack to me. My ISP gave me the account details of the administrator account and I used those to RDP into the box, which I've heard is not the securest of situations. I created myself another account and added myself to the administrator group, so im using that account to gain acceess to the machine now. In response to all of this i used http://strongpasswordgenerator.com/ to generate me some 20 character length strong passwords and changed all of my account passwords, even the SQL sa user. I also enabled the auto ban feature of FileZillaServer (my FTP server) My questions: 1) how can i detect this kind of thing better? 2) how can i protect my server from unauthorized access better? PS: I'm a software dev, not a sysadmin so please mind my server security idiot-ness-ness

    Read the article

  • Brute force characters into a textbox in c#

    - by Fred Dunly
    Hey everyone, I am VERY new to programming and the only language I know is C# So I will have to stick with that... I want to make a program that "test passwords" to see how long they would take to break with a basic brute force attack. So what I did was make 2 text boxes. (textbox1 and textbox2) and wrote the program so if the text boxes had the input, a "correct password" label would appear, but i want to write the program so that textbox2 will run a brute force algorithm in it, and when it comes across the correct password, it will stop. I REALLY need help, and if you could just post my attached code with the correct additives in it that would be great. The program so far is extremely simple, but I am very new to this, so. Thanks in advance. private void textBox2_TextChanged(object sender, EventArgs e) { } private void button1_Click(object sender, EventArgs e) { if (textBox2.Text == textBox1.Text) { label1.Text = "Password Correct"; } else { label1.Text = "Password Wrong"; } } private void label1_Click(object sender, EventArgs e) { } } } `

    Read the article

  • Brute force a website

    - by bigbrute
    Hi, there's a website i visit that always has these code giveaways where you get a prize for cracking the code. The code is in a format like this: QBYQC-Y??T3-W7G4R-QP4HG-2WQPT and they'll give you a hint such as two letters or a number and a letter. The solution to this is easy, brute-forcing it. However, I need the software that will make my browser repeatedly enter a new combination. What software can I use on Mac (and if not, Windows)?

    Read the article

  • MS SideWinder Force Feedback Wheel under Win7 x64 - steering works but force feedback not

    - by user24752
    I just bought this second-hand ancient but professional steering wheel: Microsoft SideWinder Force Feedback Wheel. I hooked it up to my Win7 x64 machine, it recognized it without installing anything, it did show up in the "Devices and Printers" section. Right-click - I could calibrate it, I could use it under Flatout2 right away. However, force feedback does not seem to work. The steering wheel has a force-button. If I set it using force feedback, it should lit up according to the manual (originally written for Win98). However, instead of lighting up, it blinks. The manual does not associate anything to blinking. I never used any game controllers before on any Windows. Is there a way to check/calibrate force feedback?

    Read the article

  • computational puzzles (brute force)

    - by acidzombie24
    Not that i need it but it was interesting to hear someone speak about their server and protecting it from DOS attack by having a puzzle that the client must solve before the server will do anything (it doesnt do allocations or make a session unless solved). The person also said puzzles can be made to take a quick amount of time or long. And they are easy to check if it is solve correctly but difficult to solve. What are these puzzles? I never heard of one. Can someone give an example (link?)

    Read the article

  • Virus that tries to brute force attack Active Directory users (in alphabetical order)?

    - by Nate Pinchot
    Users started complaining about slow network speed so I fired up Wireshark. Did some checking and found many PCs sending packets similar to the following: (screenshot) http://imgur.com/45VlI.png I blurred out the text for the username, computer name and domain name (since it matches the internet domain name). Computers are spamming the Active Directory servers trying to brute force hack passwords. It will start with Administrator and go down the list of users in alphabetical order. Physically going to the PC finds no one anywhere near it and this behavior is spread across the network so it appears to be a virus of some sort. Scanning computers which have been caught spamming the server with Malwarebytes, Super Antispyware and BitDefender (this is the antivirus the client has) yields no results. This is an enterprise network with about 2500 PCs so doing a rebuild is not a favorable option. My next step is to contact BitDefender to see what help they can provide. Has anybody seen anything like this or have any ideas what it could possibly be?

    Read the article

  • Disadvantages of the Force.com platform

    - by lomaxx
    We're currently looking at using the Force.com platform as our development platform and the sales guys and the force.com website are full of reasons why it's the best platform in the world. What I'm looking for tho, is some real disadvantages to using such a platform.

    Read the article

  • PHP readfile for force downloading files and images

    - by jiexi
    I want to send files through php using readfile() What i've noticed is that readfile forces a download, but what if i want to show an image in the browser and not force a download? Would readfile still force download even if the file is an image? If it does, is there a solution so i can use tags with it when the file is an image? Thanks!

    Read the article

  • force all urls to www and force domain to non-www

    - by Digital site
    I was trying to force my domain to redirect without www and could success through this code: .htaccess: RewriteCond %{HTTP_HOST} ^www\.domain\.com [NC] RewriteRule ^(.*) http://domain.com/$1 [R=301,L] however, this code is going to redirect all www to non-www, which is not what I want. I just want to make the main domain from www.mydomain.com to mydomain.com and the rest of the urls should be forced to www. any idea how to add or modify the code so I can achieve that through .htaccess ? Update: Thanks to all. I found out that swf file from piecemaker was corrupted and updated it with new one. so now it is all fine and works on both www and non-www. I'm still curious how to solve this issue anyways using .htaccess. Thanks again.

    Read the article

  • Android: heavy traffic on server causes app to force close

    - by user522559
    I have developed an app to communicate with my own server and published it. However, sometimes the app force closes. I know there is no bug in the code because the app works properly most of the time, but sometimes it is waiting for an answer from the server forever. I think this is due to the fact that so many people are using the app, and the app refreshes every 1 second or so, so this heavy traffic causes the server to take a large amount of time to respond. So how do you take care of such a use case? should I have a use case where if the server does not respond after some time you just stop the app and throw a message saying that the server is not responding or something like that?

    Read the article

  • Finding what makes strings unique in a list, can you improve on brute force?

    - by Ed Guiness
    Suppose I have a list of strings where each string is exactly 4 characters long and unique within the list. For each of these strings I want to identify the position of the characters within the string that make the string unique. So for a list of three strings abcd abcc bbcb For the first string I want to identify the character in 4th position d since d does not appear in the 4th position in any other string. For the second string I want to identify the character in 4th position c. For the third string it I want to identify the character in 1st position b AND the character in 4th position, also b. This could be concisely represented as abcd -> ...d abcc -> ...c bbcb -> b..b If you consider the same problem but with a list of binary numbers 0101 0011 1111 Then the result I want would be 0101 -> ..0. 0011 -> .0.. 1111 -> 1... Staying with the binary theme I can use XOR to identify which bits are unique within two binary numbers since 0101 ^ 0011 = 0110 which I can interpret as meaning that in this case the 2nd and 3rd bits (reading left to right) are unique between these two binary numbers. This technique might be a red herring unless somehow it can be extended to the larger list. A brute-force approach would be to look at each string in turn, and for each string to iterate through vertical slices of the remainder of the strings in the list. So for the list abcd abcc bbcb I would start with abcd and iterate through vertical slices of abcc bbcb where these vertical slices would be a | b | c | c b | b | c | b or in list form, "ab", "bb", "cc", "cb". This would result in four comparisons a : ab -> . (a is not unique) b : bb -> . (b is not unique) c : cc -> . (c is not unique) d : cb -> d (d is unique) or concisely abcd -> ...d Maybe it's wishful thinking, but I have a feeling that there should be an elegant and general solution that would apply to an arbitrarily large list of strings (or binary numbers). But if there is I haven't yet been able to see it. I hope to use this algorithm to to derive minimal signatures from a collection of unique images (bitmaps) in order to efficiently identify those images at a future time. If future efficiency wasn't a concern I would use a simple hash of each image. Can you improve on brute force?

    Read the article

  • Brute Force Hardware versus Tuning

    - by jchang
    Every now and then, the question is asked “When will servers be powerful enough that performance tuning will not be necessary.” Sometimes I get the impression this was posed not on technical grounds, but rather that ISVs and CIOs don’t like performance specialists. Fortunately (for me) it does not appear that this will ever happen for two principal reasons: 1) hardware and tuning contribute in such completely different aspects that neither can be ignored, and 2) multi-core processors actually introduce...(read more)

    Read the article

1 2 3 4 5 6 7 8 9 10 11 12  | Next Page >