-
Quote:
Originally posted here by nebulus200
As for the weird usernames, you have me on that one.
If you had the anonymous FTP on for a while, you probably drew the attention of a few WAREZ folks, as more and more people hit it and find it is no longer there anymore and is invalid, the number of those attempts will eventually go down to 0...
Any time you setup a service, ESPECIALLY a micro$oft one (because they love to do very insecure things by default), you should have a set of procedures that you go through to ensure that the configuration is as safe and tight as you can make it. It is something that you should get into the practice of, otherwise things could be alot worse than they were this time... It won't garuntee that you aren't hacked, but it will sure as hell make it more difficult...
I remember first setting up the FTP, and I know that I disabled anonymous access. So it never did have anonymous access enabled.
MS is retarded like that. Why would they make anonymous access enabled by default? Ridiculous. There has to be a way to change that default setting. I'm going to do some research. If I find anything I'll be sure to post.
-
might wanna check google, if you got an FTP link on there or a page that links another webpage to it, it will shout to warez sites that you have an ftp up and running. if your not sure if your on google, check "link:[x.x.x.x]" being your ip address, if you have a website that links to the FTP server then you might wanna check the URL in google also (again, link:www.youweb.com) theres a good research point to start.
also, anonymous access by default isnt a bad thing if you have the proper sharing policy for the guest account by default also, how else do you think that these massive download sites (like www.kernal.org or www.download.com) run without you having to register to get a username to download one little small file........ as long as your guest account cant write anything you should be basicly safe from warez kiddies.
hope thats a help
-
Quote:
Originally posted here by LoggOff
might wanna check google, if you got an FTP link on there or a page that links another webpage to it, it will shout to warez sites that you have an ftp up and running. if your not sure if your on google, check "link:[x.x.x.x]" being your ip address, if you have a website that links to the FTP server then you might wanna check the URL in google also (again, link:www.youweb.com) theres a good research point to start.
Tried them both already. :) No links to the IP Address anywhere, and I also searched for just the IP Address, and no results.
I wrote: [email protected] just for shits and giggles to see if he/she replies with anything. Should be interesting.
-
this could be a really dumb idea but mabye they have the wrong ip address and its an accident. thats my only idea for the wierd names. if someone was trying to hack you one would think they would use more common names... you can probably block the ip's with the ftp server if the same ones are always appearing, at least thats an option on my server. theres also firewalls blah blah blah
-
hell, then id probly write it off as a typo. someone was trying to access the wrong ip or wrong address...... then they saw it and corrected it......... then again mabee not, cause the same user/pass would show up a couple of times before they catch it most likely.... hmmmm itd still be a good idea to change the password a bit more often....... you know, normal security routine.....
