1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Some A**Hole is brute forcing my VPS

Discussion in 'BlackHat Lounge' started by TwistedMarketing, Sep 5, 2010.

  1. TwistedMarketing

    TwistedMarketing Regular Member

    Joined:
    Apr 18, 2008
    Messages:
    279
    Likes Received:
    113
    When I try to login, this is the message I get :

    This account is currently locked out because a brute force attempt was detected. Please wait a few minutes and try again. Attempting to login again will only increase this delay. If you frequently experience this problem, we recommend having your username changed to something less generic.


    Anything I should be doing ?
     
  2. Theodore

    Theodore Power Member

    Joined:
    Oct 13, 2009
    Messages:
    679
    Likes Received:
    266
    i would contact your hosting company and change your username.
    And please dont say your username is Admin.... lol
     
  3. TwistedMarketing

    TwistedMarketing Regular Member

    Joined:
    Apr 18, 2008
    Messages:
    279
    Likes Received:
    113
    Have already opened a ticket with them :target:
     
  4. minute80

    minute80 Regular Member

    Joined:
    Dec 3, 2008
    Messages:
    310
    Likes Received:
    81
    Report it to hosting company they will block ip range.
     
    • Thanks Thanks x 1
  5. qwidjib0

    qwidjib0 Newbie

    Joined:
    Jun 22, 2010
    Messages:
    43
    Likes Received:
    5
    There's actually a pretty good chance if you're seeing this message that the brute forcer was you. In my experience it's generally just an FTP client that automatically reconnected 5 times with the wrong credentials. If they happen to be using CSF Firewall (which is most commonly paired with cPanel), it should give them a detail line that explains what IP did what, but usually will only block that IP.

    If you have root access you can also employ your own automated methods (APF or CSF Firewall each work nice for this)- generally data center IP ranges see at least dozens of automated attacks attempted daily.
     
  6. TwistedMarketing

    TwistedMarketing Regular Member

    Joined:
    Apr 18, 2008
    Messages:
    279
    Likes Received:
    113
    Good information, but I have checked my "cPHulk Brute Force Protection" section and I can see there are many failed login attempts from different IPs and using different usernames :(