Endless Paradigm

Full Version: I think someone in china is trying to hack in to my ftp
I just set up (2 minutes ago) an FTP server for my sister using Serv-U, and already I checked the log and this person from China with an IP 218.10.86.18 is trying to hack the administrator account. Luckily I don't have an admin account on it :p but yeah, FUCKING HELL THAT WAS FAST.

I know it's from China by using this site.

http://www.hostip.info/index.html

But I blocked their IP now, but still I'm shocked.

Just wait...
Don't be shocked... I get a few hundred eXx1l3d IPs per week from all over the world.

People are just running scripts on blocks of IP addresses and you happen to be in the block someone was running: scans for open ports, then attempts to log in anonymously (sometimes logging in using dictionaries of username/password combos) and then log the attempt. If it's a good anon access FTP with upload/download capabilities they will share it with their friends and sometimes you will become a temporary dump site. :)

Depending on your software, I set mine up at home and work so that after 10 invalid logins the IP is eXx1l3d and I have nothing to worry about.

Just make sure you don't have anon access open (or for chocolates n giggles, leave it open and see what kind of stuff gets dumped to you)
Can someone help me now? Because basically nobody can see the FTP but me. I have forwarded all my ports and it still doesn't work.
amzter Wrote: Can someone help me now? Because basically nobody can see the FTP but me. I have forwarded all my ports and it still doesn't work.

Disable PeerGuardian2 if you have that running, and make sure your firewall IS letting your FTP Server App work properly.
I have checked everything. Nothing.
Firstly I would get myself a static IP address (assuming you don't already); I use dyndns.org. Next see if your router/modem supports dyndns updating, so that when your IP changes it will automatically correct it. That makes sure your IP address is correct. Next make sure you're allowing complete access to the FTP through whatever firewall you're using - remember there will be more than 1 port that will need to be forwarded, and don't forget forwarding in the router/modem. Next check local access to the FTP (assuming the server is running on the same machine you're testing from - ftp://127.0.0.1:port/path/); if this step fails then they can't see it because something's preventing it from working.
I would allow a limited any user account till you get it working, then you can make it work for a single person - I had to do this initially because setting up a single user account wasn't as easy as it should have been. I can't remember if there's anything else you can try but I will try and help some more if needed. Good luck.
Do what SchMilk said and get an FTP Server where every xx amount of fails = temp ban. (And if you want to be mean, make them permabans.) I get these a lot from European IPs. I just set the switch to 5 fails, and call it a night. Keep it up, and it's bann. {period}.

FileZilla Server does all of this ^^

:p Try cross-referencing them with the blocklists of PG2, and from iblocklist.com/lists.php
and ban them in PG2.
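
The "N failed logins = temp ban" rule from the posts above, as an added example that is not part of the original thread and is not how Serv-U or FileZilla Server implement it. The log format, usernames and IP addresses are constructed for illustration; the thresholds 10 and 5 are the ones the posters mention, while the time window and ban length are assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample log in a made-up "timestamp ip user reply-code" format.
# 530 is the FTP "not logged in" reply, 230 is "user logged in".
SAMPLE_LOG = "\n".join(
    [f"2024-01-01T10:00:{s:02d} 203.0.113.7 administrator 530" for s in range(0, 12, 2)]
    + ["2024-01-01T10:01:00 198.51.100.20 sister 530",
       "2024-01-01T10:01:20 198.51.100.20 sister 530",
       "2024-01-01T10:01:40 198.51.100.20 sister 230",
       "this line is garbage and must be skipped"]
)

def find_bans(log_text, max_fails=10, window=timedelta(minutes=10),
              ban_for=timedelta(hours=1)):
    """Return {ip: ban_expiry} for IPs with max_fails failed logins inside window."""
    recent = defaultdict(deque)  # ip -> timestamps of failures still inside the window
    bans = {}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue  # malformed line
        stamp, ip, _user, code = parts
        try:
            when = datetime.fromisoformat(stamp)
        except ValueError:
            continue  # unparseable timestamp
        if ip in bans and when < bans[ip]:
            continue  # still banned: the server would refuse this connection
        if code != "530":
            continue  # only failed logins count
        fails = recent[ip]
        fails.append(when)
        while when - fails[0] > window:  # drop failures older than the window
            fails.popleft()
        if len(fails) >= max_fails:
            bans[ip] = when + ban_for  # temporary ban, expires on its own
            fails.clear()
    return bans

if __name__ == "__main__":
    for ip, until in find_bans(SAMPLE_LOG, max_fails=5).items():
        print(f"ban {ip} until {until.isoformat()}")
```

The sliding window is what keeps a user who mistypes a password a couple of times from being locked out along with the scripts.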
I used to get around 30 automatic bans a day for brute force attempts at SSH.
Changed the port and now I get none.

It's not really a threat - it's just annoying.  If you find it so, just change your FTP port to something else.
Anger Wrote: Firstly I would get myself a static IP address (assuming you don't already); I use dyndns.org. Next see if your router/modem supports dyndns updating, so that when your IP changes it will automatically correct it. That makes sure your IP address is correct. Next make sure you're allowing complete access to the FTP through whatever firewall you're using - remember there will be more than 1 port that will need to be forwarded, and don't forget forwarding in the router/modem. Next check local access to the FTP (assuming the server is running on the same machine you're testing from - ftp://127.0.0.1:port/path/); if this step fails then they can't see it because something's preventing it from working.
I would allow a limited any user account till you get it working, then you can make it work for a single person - I had to do this initially because setting up a single user account wasn't as easy as it should have been. I can't remember if there's anything else you can try but I will try and help some more if needed. Good luck.

I have a static IP address but I don't use dyndns.org; my router does support it though.