Prescript: The last paragraph of this post is important reading for any adult webmaster,
using Strongbox or not.

There are two main types of notices you may receive. One type will mention an
apparent brute force attack in the email. Those indicate that indeed someone
is probably trying a brute force attack, or, to be more technically correct, a dictionary
attack. That's really nothing to worry about most of the time. In the rare case
where the attacker is able to put enough load on the server to make it noticeably
slower, or the attack goes on for more than a couple of hours, you may want to take
some action. If the attack is not noticeably slowing the server or going on for days,
just smile and be glad that Strongbox is protecting you.

If some action IS needed, look at the Strongbox reports, checking to see if just a few IPs
are responsible for most of the attack. If so, those few IPs can be directly blocked via
.htaccess or, better yet, via your firewall. On the other hand, if the attempts are fairly
evenly spread over thousands of IPs, we have some add-on scripts you can use to
help Strongbox more efficiently handle such a huge attack by automatically adding IPs
to .htaccess or preferably to your firewall in an efficient manner.

On the other hand, there is another type of email that warns you of compromised
passwords. If you get many of these with different user names, that means many of
your passwords are compromised. Most likely, the attacker has found some security
hole in some PHP script you use and used it to download your whole password file.
Because your password file is using decades-old encryption that can be easily cracked,
the attacker then decrypts all of your passwords and posts them on password sites.
This can be a real headache. If this has NOT happened to you yet, imagine what it
would be like if it did and consider upgrading your processor's password management
script to our improved version with strong encryption. More information on how to prevent
that and what to do if it has already happened is available on our site:
http://bettercgi.com/strongbox/passgen/
http://bettercgi.com/strongbox/passg...adyhacked.html
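
The "few IPs or thousands?" check described above, as an added example that is not part of the original post and is not Strongbox code. It assumes failed logins appear as HTTP 401 lines in an Apache combined-format access log and that the firewall is iptables; the log lines, the 80% coverage threshold and the five-IP limit are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

def _line(ip, user, status):
    # Constructed Apache combined-log line (illustrative, not real traffic).
    return f'{ip} - {user} [10/Mar/2024:10:00:00 +0000] "GET /members/ HTTP/1.1" {status} 381'

SAMPLE = "\n".join(
    [_line("203.0.113.5", f"user{i}", 401) for i in range(40)]
    + [_line("198.51.100.7", f"user{i}", 401) for i in range(45)]
    + [_line(f"192.0.2.{i}", "bob", 401) for i in range(1, 11)]
    + [_line("192.0.2.200", "carol", 200)]
)

LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[^"]*" (\d{3}) ')

def failed_auth_by_ip(log_text):
    """Count failed HTTP auth attempts (status 401) per client IP."""
    counts = Counter()
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m and m.group(2) == "401":
            counts[m.group(1)] += 1
    return counts

def triage(counts, coverage=0.8, max_ips=5):
    """Find the smallest set of IPs causing `coverage` of the failures.
    A set of at most `max_ips` is worth blocking directly; a larger one
    means the attack is spread out and needs automated handling."""
    total = sum(counts.values())
    if total == 0:
        return "none", []
    picked, covered = [], 0
    for ip, n in counts.most_common():
        picked.append(ip)
        covered += n
        if covered / total >= coverage:
            break
    if len(picked) <= max_ips:
        return "concentrated", picked
    return "distributed", []

def firewall_rules(ips):
    """Render iptables DROP rules; ip_address() raises ValueError on
    anything that is not a literal IP, so log content never reaches a shell."""
    return [f"iptables -I INPUT -s {ipaddress.ip_address(ip)} -j DROP" for ip in ips]

if __name__ == "__main__":
    verdict, ips = triage(failed_auth_by_ip(SAMPLE))
    print(verdict, *firewall_rules(ips), sep="\n")
```

Review the printed rules before applying them, since a shared proxy or NAT address can carry legitimate members as well.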