#33
25-04-2007, 08:04
DavidAllen
Premium Member
 
Join Date: Jan 2007
Location: Amersham
Posts: 360
Latest on the Hacks on Jaguar

Received this reply from Nick about the latest attacks on Jaguar:
Quote:
Hello David,

I apologize for replying late.

Yes, it was done using the same method of BFD and password cracking.

Pure-FTPd is a fast, production-quality and standards-compliant FTP server.
Pure-FTPd contains a bug in the accept_client function handling the setup of new connections. When the maximum number of connections is reached, an attacker could exploit this vulnerability to perform a Denial of Service attack or Brute Force attack. There is no known workaround at this time.
The only solution is to upgrade the pure-ftpd version to latest stable version pure-ftpd v1.0.21 which is already done.

Also, we have installed BFD on the server and reduced the number of connections per IP address per second. This will block the IP if there are more than 4 connections per IP per second.

I am still investigating it and will update you if there are any configuration changes made on the server.

Regards,
NickJ
Senior Admin
Support Team.
So I guess the attacks may well continue - and all we can do is check website hostings every day and perhaps change passwords every day. As I have well over 60 website hostings on this server, that is a lot of checking and cleaning to do every day - my business is starting to suffer due to all this extremely time-consuming extra work!
David

PS: What is BFD? (I thought it was Brute Force something, but as Nick says it's installed on the server, I guess not.)
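The rule Nick describes (block an IP that opens more than 4 connections in one second) and the password-guessing pattern behind the attack can both be checked from the FTP server's own log. The following is an added example, not code from this post, from the hosting provider, or from the BFD tool; it assumes syslog-style lines laid out like Pure-FTPd's "New connection from" and "Authentication failed for user" messages, and the sample log lines are constructed for the demonstration.

```python
import re
from collections import defaultdict

# Threshold quoted in the post: block an IP that opens more than 4 connections in one second.
MAX_CONNECTIONS_PER_SECOND = 4

# Assumed line layout, modelled on Pure-FTPd's syslog output:
# "<timestamp> <host> pure-ftpd[pid]: (?@<ip>) [LEVEL] <message>"
LINE_RE = re.compile(
    r"^(?P<ts>\w{3} +\d{1,2} \d{2}:\d{2}:\d{2}) \S+ pure-ftpd(?:\[\d+\])?: "
    r"\(\?@(?P<ip>[\d.]+)\) \[(?P<level>[A-Z]+)\] (?P<msg>.*)$"
)


def _line(ts, ip, level, msg):
    """Build one constructed log line in the assumed layout."""
    return f"{ts} jaguar pure-ftpd: (?@{ip}) [{level}] {msg}"


# Constructed sample log: 203.0.113.5 opens 6 connections inside one second and then
# fails three logins; 198.51.100.7 is a normal client spread over two seconds.
SAMPLE_LOG = (
    [_line("Apr 25 08:04:01", "203.0.113.5", "INFO", "New connection from 203.0.113.5")] * 6
    + [_line("Apr 25 08:04:01", "198.51.100.7", "INFO", "New connection from 198.51.100.7")] * 2
    + [_line("Apr 25 08:04:02", "198.51.100.7", "INFO", "New connection from 198.51.100.7")] * 3
    + [
        _line("Apr 25 08:04:02", "203.0.113.5", "WARNING", "Authentication failed for user [admin]"),
        _line("Apr 25 08:04:02", "203.0.113.5", "WARNING", "Authentication failed for user [root]"),
        _line("Apr 25 08:04:03", "203.0.113.5", "WARNING", "Authentication failed for user [test]"),
        _line("Apr 25 08:04:03", "198.51.100.7", "INFO", "Logout."),
    ]
)


def parse_events(lines):
    """Yield (timestamp, ip, level, message) for every line matching the assumed layout."""
    for line in lines:
        m = LINE_RE.match(line)
        if m:
            yield m.group("ts"), m.group("ip"), m.group("level"), m.group("msg")


def connections_per_second(lines):
    """Count 'New connection' events per (ip, one-second timestamp) bucket."""
    counts = defaultdict(int)
    for ts, ip, level, msg in parse_events(lines):
        if level == "INFO" and msg.startswith("New connection from "):
            counts[(ip, ts)] += 1
    return counts


def ips_over_rate(lines, threshold=MAX_CONNECTIONS_PER_SECOND):
    """Return {ip: peak connections seen in any single second} for IPs above the threshold.

    This mirrors the per-IP-per-second rule from the post; a blocker such as BFD would
    feed these addresses to the firewall, here we only report them.
    """
    peaks = {}
    for (ip, ts), n in connections_per_second(lines).items():
        if n > threshold:
            peaks[ip] = max(peaks.get(ip, 0), n)
    return peaks


def failed_logins(lines):
    """Return {ip: number of failed authentication attempts}; repeated failures from one
    address are the signature of the password-guessing Nick refers to."""
    failures = defaultdict(int)
    for _ts, ip, level, msg in parse_events(lines):
        if level == "WARNING" and msg.startswith("Authentication failed for user"):
            failures[ip] += 1
    return dict(failures)


if __name__ == "__main__":
    for ip, peak in ips_over_rate(SAMPLE_LOG).items():
        print(f"rate limit exceeded: {ip} opened {peak} connections in one second")
    for ip, n in failed_logins(SAMPLE_LOG).items():
        print(f"failed logins: {ip} -> {n}")
```

On the constructed sample the rate check flags only 203.0.113.5 (6 connections in one second), while 198.51.100.7 stays under the limit with at most 3 per second; the failed-login count gives a second, independent signal for the same address. Keying the counters on the raw one-second timestamp string keeps the check simple, but a real deployment should parse the timestamp and use a sliding window so a burst straddling a second boundary is not missed.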