Hacking attempt on server

[guest2013-1]

I would do the following :

1. Put a good firewall up, open port 1194 incoming. (Remember to open other ports as well... eg port 80 HTTP for other services). Keep RDP and VNC ports closed.
2. Install openVPN on the server.
3. Use openVPN to connect to the server, then you can RDP/VNC with ease.

All the ne'er-do-wells will see is that port 1194 and port 80 is open - and they can do nothing without the correct openVPN certificates anyway.

+1

Don't rely on windows firewall, it means that the request already got through to your machine, even if you actively deny it. Get a seperate hardware firewall, it really isn't that much more expensive. Then do what Librarian said.

The worst that can happen is they DDos you on port 80, and even then the hardware firewall should protect your ass

 

[koffiejunkie]

The worst that can happen is they DDos you on port 80, and even then the hardware firewall should protect your ass

That's a sweeping statement. Do you mind explaining?

 

[Tim the Techxpert]

Hi there ViperGTI
I asked my anti-hacking friend for his views.
He said the following (yes he is a man of few words)
Limit RDP to static IP ( or few IP's ) work, home etc. or IP ranges ( ie 196.x.x.x 41.x.x.x ) and you should limit fake RDP requests only to ZA range.

You are never going to stop the hackers. It is a bit like getting rid of termites - you can't. You really want to discourage them from visiting you.

Regards

Tim

 

[ViperGTI]

Thanks. I'll look into how to block RDP requests from non-za somehow. However, I haven't had any failed login attempts since activating the Hetzner Firewall. (hopefully not any successful ones either )

 

[jpd]

Move to a better web hosting provider or fix your app.

 

[ViperGTI]

Move to a better web hosting provider or fix your app.

Who is this fruitloop? :wtf:

 

[jpd]

Who is this fruitloop? :wtf:

That would be you

 

[ViperGTI]

That would be you

I don't think so... your one line response had no bearing on the topic. But let's examine:

Move to a better web hosting provider

Firstly, this has nothing to do with the provider. This isn't shared hosting, it is a dedicated server and the clients are responsible for their own security.
Secondly, Hetzner is one of the better hosting providers in SA. It is rare to find better value for money than what they're offering.

or fix your app.

What app???? My apps don't need fixing as they are working fine. The problem was related to someone trying to log onto my server. My apps were not even mentioned.


At first I thought there is some competition running and you are spamming with posts in order to qualify, but then I checked your profile where you state that you're the CEO of Webnow... which is why I'm assuming you're just clowning around.

 

[stacyeva87]

Block the Ip from where it come hacking attempts

 

[noswal]

Going sligtly OT but with the firewall on my pc all ports are closed to incoming traffic to avoid attacks, hence what the firewall is there for, why would you have any open? For me to connect to any service my ports have outbound access.

 

[ld13]

Going sligtly OT but with the firewall on my pc all ports are closed to incoming traffic to avoid attacks, hence what the firewall is there for, why would you have any open? For me to connect to any service my ports have outbound access.

In certain situations a desktop PC might need open incoming ports for applications like TeamViewer/uTorrent or some gaming services etc. No one would be able to connect to your Counterstrike/Teamviewer/Teamspeak server that is running on your PC if you did not have the correct incoming port open.

With a web server the same thing applies. Without an open port 80 (or whatever other ports are needed for the services run thereon) the web server would not be accessible from the internet at all and thereby render it useless.