iceraven721 Posted February 17, 2009 Share Posted February 17, 2009 Hey, I have a person who is DDOSing my servers through FTP. Is there any way to configure IP bans for ftp or change the ftp server port to something like 42? Thanks Link to comment Share on other sites More sharing options...
jcroom Posted February 17, 2009 Share Posted February 17, 2009 System Settings > Plugins Manager > TC_Security Link to comment Share on other sites More sharing options...
ECF Posted February 17, 2009 Share Posted February 17, 2009 TO change the FTP port goto System Settings Servers and click on the server line. Change the FTP port and then restart your monitor program. Link to comment Share on other sites More sharing options...
no-server Posted February 17, 2009 Share Posted February 17, 2009 But he will search an other Port. Just get a good anti-ddos system, ban his ips (ask the provider). Link to comment Share on other sites More sharing options...
Johnny5_Hull Posted February 17, 2009 Share Posted February 17, 2009 Is the attack you are having a DOS attack, or DDos attack? If it's a simple DOS attack, it can be quite easy to stop, if it's a DDOS attack, you better start calling the bank manager up and getting your good suit out Just as a side note, if it is the same Ip that is performing the attacks (doubtful I know, but...) then you could always config your firewall tyo block this person out. It is by far the better solution to have your security OUTSIDE your servers, rather than just on them, think castles with walls outside them If you do not have a firewall, then I suggest you either invest in getting one, or alternatively speak to whoever hosts your server or co-locates it for you, as the professional ones amongst us will always be able to offer a shared firewall solution of sorts. Remember if you don't have a firewall solution in place, you are just asking for trouble!! If you do have a firewall and the intruder is still getting through, speak to the datacenter/isp who manages the network, they will be able to provide not only detailed reports on the attacks, but also offer some really good solutions on how to prevent this from happening. Link to comment Share on other sites More sharing options...
Dan M Posted February 17, 2009 Share Posted February 17, 2009 Indeed, as the post relatively stated above... DDOS = Distributed Denial of Service attack DOS = Denial of Service Attack Distributed meaning more than one person. I would contact whoever you are hosted with, mainly the datacenter and ask them about protection.. many setups vary as to how protection can be implemented Good luck Link to comment Share on other sites More sharing options...
nosit1 Posted February 17, 2009 Share Posted February 17, 2009 If you do have a firewall and the intruder is still getting through, speak to the datacenter/isp who manages the network, they will be able to provide not only detailed reports on the attacks, but also offer some really good solutions on how to prevent this from happening. They will be able to filter IP's on a upstream basis rather than at server level, making it harder for the intruders to penetrate. Link to comment Share on other sites More sharing options...
Magnetar Posted April 25, 2009 Share Posted April 25, 2009 But they can just get new IPs or give all their hacker buddies the hack tools and do it again. You can't stop them that way if they really want your servers down. Keep blocking their IPs and IP subnets but... Call their ISPs and get their Internet services shut down for DOS attacks coming from the US. Then call the FBI if you have logs. Send them all the logs and any other info you have on them. If it is DDOS coming from China or Korea IP block both countries IP subnets for example. I had to block both of them, too many attacks were coming in for over there. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.