AudioVayne
Posts: 82 +0
I've setup my own FTP server to share files with family over the net, access files I might need from home etc. I've just looked at my logfile and I'm curious if someones trying to hack my server.
Is there anything I can do to help prevent people hacking my server?
Cheers for your help
Copied from Logfile: - the 15th of this month onwards. The same sorta entries have been going on since the 22-Dec-09. But I get the feeling I wont need to copy n paste that much.
[2010-01-15 00:55:53]:COMMAND [ 1] - USER webmaster
[2010-01-15 00:55:53]: REPLY [ 1] - 331 User webmaster, password please
[2010-01-15 00:55:53]:COMMAND [ 1] - USER webmaster
[2010-01-15 00:55:53]: REPLY [ 1] - 331 User webmaster, password please
[2010-01-15 00:55:54]:COMMAND [ 1] - USER webmaster
[2010-01-15 00:55:54]: REPLY [ 1] - 331 User webmaster, password please
[2010-01-15 00:55:54]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:55:58]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:55:58]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:02]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:02]:COMMAND [ 1] - USER webmaster
[2010-01-15 00:56:02]: REPLY [ 1] - 331 User webmaster, password please
[2010-01-15 00:56:02]:COMMAND [ 1] - USER user
[2010-01-15 00:56:02]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:03]:COMMAND [ 1] - USER user
[2010-01-15 00:56:03]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:03]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:07]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:07]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:11]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:11]:COMMAND [ 1] - USER user
[2010-01-15 00:56:11]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:12]:COMMAND [ 1] - USER user
[2010-01-15 00:56:12]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:12]:COMMAND [ 1] - USER user
[2010-01-15 00:56:12]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:12]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:16]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:16]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:20]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:20]:COMMAND [ 1] - USER user
[2010-01-15 00:56:20]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:20]:COMMAND [ 1] - USER user
[2010-01-15 00:56:20]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:21]:COMMAND [ 1] - USER user
[2010-01-15 00:56:21]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:21]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:25]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:25]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:29]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:29]:COMMAND [ 1] - USER user
[2010-01-15 00:56:29]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:29]:COMMAND [ 1] - USER root
[2010-01-15 00:56:29]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:30]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:34]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:34]:COMMAND [ 1] - USER root
[2010-01-15 00:56:34]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:34]:COMMAND [ 1] - USER root
[2010-01-15 00:56:34]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:34]:COMMAND [ 1] - USER root
[2010-01-15 00:56:34]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:35]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:39]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:39]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:43]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:43]:COMMAND [ 1] - USER root
[2010-01-15 00:56:43]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:43]:COMMAND [ 1] - USER root
[2010-01-15 00:56:43]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:43]:COMMAND [ 1] - USER root
[2010-01-15 00:56:43]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:44]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:48]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:48]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:52]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:52]:COMMAND [ 1] - USER root
[2010-01-15 00:56:52]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:52]:COMMAND [ 1] - USER root
[2010-01-15 00:56:52]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:52]:COMMAND [ 1] - USER root
[2010-01-15 00:56:52]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:52]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:56]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:56]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:57:00]: ERROR [ 1] - Unable to send data
[2010-01-15 00:57:00]: WARN [ 1] - Closing connection: An established connection was aborted by the software in your host machine.
[2010-01-15 00:57:00]:CONNECT [ 1] - Connection Terminated
[2010-01-15 20:36:03]: SYSTEM [Server] - WAN IP detected as 60.234.143.178
[2010-01-16 05:37:45]:CONNECT [ 2] - Incoming connection request on interface 192.168.2.20
[2010-01-16 05:37:45]:CONNECT [ 2] - Connection request accepted from 125.211.216.232
[2010-01-16 05:37:45]: ERROR [ 2] - Unable to send welcome message
[2010-01-16 05:37:45]:SUGGEST [ 2] - Check that a firewall is not blocking connections
[2010-01-16 05:37:45]: ERROR [ 2] - Error: Unable to send Welcome message - Terminating connection
[2010-01-16 05:37:45]:CONNECT [ 2] - Connection Terminated
[2010-01-16 20:06:05]: SYSTEM [Server] - WAN IP detected as 60.234.143.178
[2010-01-17 02:45:17]:CONNECT [ 3] - Incoming connection request on interface 192.168.2.20
[2010-01-17 02:45:17]:CONNECT [ 3] - Connection request accepted from 203.251.81.197
[2010-01-17 02:45:21]: SYSTEM [ 3] - The client closed the connection
[2010-01-17 02:45:21]:CONNECT [ 3] - Connection Terminated
[2010-01-17 05:03:25]:CONNECT [ 4] - Incoming connection request on interface 192.168.2.20
[2010-01-17 05:03:25]:CONNECT [ 4] - Connection request accepted from 203.251.81.197
[2010-01-17 05:03:28]: SYSTEM [ 4] - The client closed the connection
[2010-01-17 05:03:28]:CONNECT [ 4] - Connection Terminated
[2010-01-17 19:36:07]: SYSTEM [Server] - WAN IP detected as 60.234.143.178
[2010-01-18 19:06:12]: SYSTEM [Server] - WAN IP detected as 60.234.143.178
Is there anything I can do to help prevent people hacking my server?
Cheers for your help
Copied from Logfile: - the 15th of this month onwards. The same sorta entries have been going on since the 22-Dec-09. But I get the feeling I wont need to copy n paste that much.
[2010-01-15 00:55:53]:COMMAND [ 1] - USER webmaster
[2010-01-15 00:55:53]: REPLY [ 1] - 331 User webmaster, password please
[2010-01-15 00:55:53]:COMMAND [ 1] - USER webmaster
[2010-01-15 00:55:53]: REPLY [ 1] - 331 User webmaster, password please
[2010-01-15 00:55:54]:COMMAND [ 1] - USER webmaster
[2010-01-15 00:55:54]: REPLY [ 1] - 331 User webmaster, password please
[2010-01-15 00:55:54]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:55:58]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:55:58]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:02]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:02]:COMMAND [ 1] - USER webmaster
[2010-01-15 00:56:02]: REPLY [ 1] - 331 User webmaster, password please
[2010-01-15 00:56:02]:COMMAND [ 1] - USER user
[2010-01-15 00:56:02]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:03]:COMMAND [ 1] - USER user
[2010-01-15 00:56:03]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:03]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:07]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:07]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:11]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:11]:COMMAND [ 1] - USER user
[2010-01-15 00:56:11]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:12]:COMMAND [ 1] - USER user
[2010-01-15 00:56:12]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:12]:COMMAND [ 1] - USER user
[2010-01-15 00:56:12]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:12]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:16]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:16]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:20]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:20]:COMMAND [ 1] - USER user
[2010-01-15 00:56:20]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:20]:COMMAND [ 1] - USER user
[2010-01-15 00:56:20]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:21]:COMMAND [ 1] - USER user
[2010-01-15 00:56:21]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:21]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:25]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:25]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:29]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:29]:COMMAND [ 1] - USER user
[2010-01-15 00:56:29]: REPLY [ 1] - 331 User user, password please
[2010-01-15 00:56:29]:COMMAND [ 1] - USER root
[2010-01-15 00:56:29]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:30]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:34]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:34]:COMMAND [ 1] - USER root
[2010-01-15 00:56:34]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:34]:COMMAND [ 1] - USER root
[2010-01-15 00:56:34]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:34]:COMMAND [ 1] - USER root
[2010-01-15 00:56:34]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:35]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:39]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:39]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:43]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:43]:COMMAND [ 1] - USER root
[2010-01-15 00:56:43]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:43]:COMMAND [ 1] - USER root
[2010-01-15 00:56:43]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:43]:COMMAND [ 1] - USER root
[2010-01-15 00:56:43]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:44]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:48]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:48]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:52]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:52]:COMMAND [ 1] - USER root
[2010-01-15 00:56:52]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:52]:COMMAND [ 1] - USER root
[2010-01-15 00:56:52]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:52]:COMMAND [ 1] - USER root
[2010-01-15 00:56:52]: REPLY [ 1] - 331 User root, password please
[2010-01-15 00:56:52]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:56:56]: REPLY [ 1] - 530 Not logged in. Username/password incorrect, user disabled, or user logged in too many times
[2010-01-15 00:56:56]:COMMAND [ 1] - PASS ***********
[2010-01-15 00:57:00]: ERROR [ 1] - Unable to send data
[2010-01-15 00:57:00]: WARN [ 1] - Closing connection: An established connection was aborted by the software in your host machine.
[2010-01-15 00:57:00]:CONNECT [ 1] - Connection Terminated
[2010-01-15 20:36:03]: SYSTEM [Server] - WAN IP detected as 60.234.143.178
[2010-01-16 05:37:45]:CONNECT [ 2] - Incoming connection request on interface 192.168.2.20
[2010-01-16 05:37:45]:CONNECT [ 2] - Connection request accepted from 125.211.216.232
[2010-01-16 05:37:45]: ERROR [ 2] - Unable to send welcome message
[2010-01-16 05:37:45]:SUGGEST [ 2] - Check that a firewall is not blocking connections
[2010-01-16 05:37:45]: ERROR [ 2] - Error: Unable to send Welcome message - Terminating connection
[2010-01-16 05:37:45]:CONNECT [ 2] - Connection Terminated
[2010-01-16 20:06:05]: SYSTEM [Server] - WAN IP detected as 60.234.143.178
[2010-01-17 02:45:17]:CONNECT [ 3] - Incoming connection request on interface 192.168.2.20
[2010-01-17 02:45:17]:CONNECT [ 3] - Connection request accepted from 203.251.81.197
[2010-01-17 02:45:21]: SYSTEM [ 3] - The client closed the connection
[2010-01-17 02:45:21]:CONNECT [ 3] - Connection Terminated
[2010-01-17 05:03:25]:CONNECT [ 4] - Incoming connection request on interface 192.168.2.20
[2010-01-17 05:03:25]:CONNECT [ 4] - Connection request accepted from 203.251.81.197
[2010-01-17 05:03:28]: SYSTEM [ 4] - The client closed the connection
[2010-01-17 05:03:28]:CONNECT [ 4] - Connection Terminated
[2010-01-17 19:36:07]: SYSTEM [Server] - WAN IP detected as 60.234.143.178
[2010-01-18 19:06:12]: SYSTEM [Server] - WAN IP detected as 60.234.143.178