hello everyone
Of late, our company has been getting attacks from someone on the internet and this has led us to being black listed. The administrator thinks its through my machine that the attacker is gaining access. I use ubuntu 10.04.3 on a windows network. How can I tell if someone is broken on to my system. something else my machine is trying to override the domain controller. is it possible?
Jump to PostCheck your open ports and install a firewall (i.e. "ufw"). Make sure SSH is disabled.
Jump to PostHi!
What kind of attacks are we talking about here? Blacklisted from what?
If your client somehow is infected and it effects the entire network something is seriously wrong.
Check your open ports and install a firewall (i.e. "ufw"). Make sure SSH is disabled.
Hi!
What kind of attacks are we talking about here? Blacklisted from what?
If your client somehow is infected and it effects the entire network something is seriously wrong.
To enhance your system against bruteforce attacks you may want to use fail2ban, which blocks multiple SSH attempts. You may look at [http://www.daniweb.com/hardware-and-software/linux-and-unix/threads/417280/configuring-iptables-to-block-multiple-ssh-attempts](this recently solved post).
You can also read the [http://www.la-samhna.de/library/brutessh.html](excellent post by Rainer Wichmann) that discusses bruteforce attacks.
Good luck!
-FH
Oops the links came a bit garbled, sorry.
First link to solved post.
And link to Rainer Wichmann's post about bruteforce
On a second thought, you can also look through /var/log/auth.log to see if someone's been naughty. There are several logs in the /var/log directory that are useful to see if someone is trying to access your machine. Try to look for ssh attempts in hours/times when you weren't the one initiating them.
This is, of course, if the attack you are refering to is ssh attack.
-FH
We're a friendly, industry-focused community of developers, IT pros, digital marketers, and technology enthusiasts meeting, networking, learning, and sharing knowledge.