Results 1 to 4 of 4
  1. #1
    Join Date
    Jul 2006
    Posts
    190

    Bruteforced by EV1Servers???!

    WTF...does this mean what i think it means?


    The remote system ev1s-205.15.67-34.ev1servers.net was found to have exceeded acceptable login failures on *******.******.***; there was 137 events to the service sshd. As such the attacking host has been banned from further accessing this system. For the integrity of your host you should investigate this event as soon as possible.

    Executed ban command:
    /etc/apf/apf -d ev1s-205.15.67-34.ev1servers.net {bfd.sshd}

    The following are event logs from ev1s-205.15.67-34.ev1servers.net on service sshd (all time stamps are GMT -0700):

    Oct 24 03:23:08 www1 sshd[1858]: reverse mapping checking getaddrinfo for ev1s-205.15.67-34.ev1servers.net failed - POSSIBLE BREAKIN ATTEMPT!

    Advice?

  2. #2
    Join Date
    Nov 2000
    Location
    Holland
    Posts
    246
    That's not a break-in by Ev1Servers, it's by someone who has an server or acocunt at Ev1Servers.

    So I'd say send this to Ev1Servers' abuse departement and have them handle it.

  3. #3
    Join Date
    Jul 2006
    Posts
    190
    Done that.

  4. #4
    Join Date
    May 2004
    Location
    Toronto, Canada
    Posts
    5,084
    Thats all you can do then. But it isn't EV1 as a company that is trying to get your box lol.
    André Allen | E: aallen(a)linovus.ca
    Linovus Holdings Inc
    Shared Hosting, Reseller Hosting, VPS, Dedicated Servers & Public Cloud | USA, Canada & UK - 24x7x365 Support

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •