Dashboard Articles Playground Discussions More
Follow

Mail server under attack

focus_dammit
7 years ago | edited 7 years ago

0

Somebody for the last few days has been trying persistently to hack my mail server i own a personal website that i run from home for my personal use first im not exactly sure how they got my address in the first place but someone has been trying to hack it for the last few days
so far i have blocked more than 50 ip addresses they have not succeeded yet they are using dictionary attack the ip addresses seem to be from different places around world i did a port scan on one of the ips (197.245.94.133) and found 3389 was open and decided to connect but
cant crack the password but i was able to discover the account guest is active and is password protected if somebody wants to hack them they are more than welcome has somebody else been targeted by this im going to leave a list of some of the ips they’ve been using..

190.115.163.186
210.239.210.80
96.57.19.234
112.124.76.177
89.216.104.92
82.200.170.116
113.161.80.16
79.70.254.117
217.111.170.217
109.226.61.122
97.101.54.96
96.57.19.234
115.70.20.115
184.68.15.58
183.136.237.112
78.131.87.207
74.92.63.173
181.222.235.252
58.19.180.138
80.152.209.142
58.62.55.140
221.132.28.29
94.183.4.136
200.41.170.131
68.191.218.91
201.190.192.24
114.43.251.208
197.14.14.150

9replies
5voices
245views
dloser
7 years ago

0

This doesn’t necessarily mean you are being specifically targeted. It is common for bots to just scan IP ranges for potentially exploitable services and try to brute force logins when they find one. Best solution is probably something like fail2ban.

B.t.w., you might want to invest in some punctuation.

? [bolofecal]
7 years ago | edited 7 years ago

0

fail2ban is good. You think hard capcthas is need too?

 

?

Image

focus_dammit
7 years ago

0

Thank You for recommending fail2ban very useful tool.
I had no idea something like this existed.

dloser
7 years ago | edited 7 years ago

0

@bolofecal**: captcha on the mail server? oO

220 mail.focus_dammit.**com  
HELO there  
250 Hello spammer!  
RCPT TO: bolofecal@aol.**com  
503 Please do a captcha first  
CAPTCHA  
217     *****     *******   **    **  ********   *******    
217   **   **   **     **   **  **   **        **     **   
217  **   ****  **           ****    **               **   
217 ** *** **  ********      **     ******     *******    
217  ****   **  **     **     **     **        **         
217  **   **   **     **     **     **        **          
217  *****     *******      **     **        *********   
QUIT fuck this shit... i'm only a bot...
? [bolofecal]
7 years ago

0

Because require user and pass lol I not configure mail server before.

 

?

Image

SIGKILL [r4v463]
7 years ago

0

[quote=dloser]i’m only a bot…[/quote]

I was sure you were one :p

? [bolofecal]
7 years ago

0

Your captcha remember me the 6/5 - Ascii art from rankk.org lol

 

?

Image

Mugi [Mugiwara27]
7 years ago

0

such a good bot wow

 

You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ‘\’‘ at line 1

SIGKILL [r4v463]
7 years ago

0

He’s a bot based on quantum AI

You must be logged in to reply to this discussion. Login
1 of 10

This site only uses cookies that are essential for the functionality of this website. Cookies are not used for tracking or marketing purposes.

By using our site, you acknowledge that you have read and understand our Privacy Policy, and Terms of Service.

Dismiss