A hacker in my VPS Server! Please help me stop h

There are 7 replies in this Thread which was already clicked 666 times. The last Post () by afoenis.

    Hello,


    There is a hacking in my VPS Server that take everytime lines from my server. I saw the log file and found no IP, only mine, so he is using a VPN that doesn't log his IP. I already changed 4 times my password but he has everytime acces to my server. I scanned my PC with all different scanners and found no virus. Is there a way that only me can log in in my server ?


    Thanks for the help!

    Check your router settings mate, maybe he is getting access through there and maybe you could do something like -


    Code
    http://linuxsat-support.com/enigma2-tutorials/14664-how-configure-ssh-key-authentication.html


    I am not obligated, or connected to any particular brand, seller or retailer so any opinions given are not biased in anyway.
    Any information given is for hobby and research purposes only, and whilst every effort is made to ensure that all my responses are accurate, - Any action you may take based on my replies is done so at your own risk.
    Viewing Premium Channels or Media, without paying for them is illegal and if you do so, you do so at your own risk!

    BpGgW.jpg



    • Official Post

    First i would install webmin; Webmin


    Then install ConfigServer Security & Firewall; ConfigServer Security & Firewall


    Use Webmin to check the system logs and find the hackers ip address, then you can quick deny with ConfigServer Security & Firewall.


    Port 80 is used for HTTP/apache, you`re not running a webserver so theres no need for this port to be open, close it.


    Change SSH port 22 to something else less obvious to the hacker and open new port in ConfigServer Security & Firewall.


    Setup a new FTP user and lock root access to the server.


    If you need help with any of this let us know buddy.

    A lot of default ports still in the setup
    12000 and 16001 are defaults settings for all the setup files/scripts run on this site so that may be the start of the problem!


    You should change ANY and ALL default port settings and Passwords given in any set up scripts for added security!


    Try changing them and then go from there.....Master G should/will add if anything else is required but either way change them settings



    And he beat me to it lol



    lssdalogo.png



    "Don't Gain The World & Lose Your Soul, Wisdom Is Better Than Silver Or Gold"
    “Herb is the healing of a nation, alcohol is the destruction”




    Thanks a lot guys!! There is 1 think, he is using a nVPN, so it doesn't save any logs with his IP

Participate now!

Don’t have an account yet? Register yourself now and be a part of our community!

Register Yourself Login