People trying to hack my MS FTP server (but they're not getting in)
- From: "Spin" <Spin@xxxxxxxx>
- Date: Tue, 18 Oct 2005 16:36:23 -0400
Experts,
Periodic review of my system event logs indicate multiple attempts from the
same IP address to logon to my MS FTP server with accounts which do not
exist. I then jumped over to the C:\WINDOWS\system32\LogFiles\MSFTPSVC1
directory and reviewed the text file logs of the same date. Lo an behold,
this is where I verified that six times within the last 30 days, multiple
attempts from the same IP address to logon to my MS FTP server with accounts
which do not exist. Like on the first of the month it would be from one IP,
a few days later from another, etc. The 230, 331, 550 indicate that they
are not getting in (I do not allow anonymous logon). From the security tab
of the FTP Service properties, I have denied these IP addresses individually
to prevent further attacks from them. I have no doubt that I will continue
to have to do this, the nature of the Internet being what it is today.
My next question is, I wonder if I can go after the owner of these IP
addresses in court, for (1) attempting to hack into my system and (2) using
up system resources while doing so. None of these attacks last for more
than two minutes though.
.
- Follow-Ups:
- Re: People trying to hack my MS FTP server (but they're not getting in)
- From: Todd J Heron
- Re: People trying to hack my MS FTP server (but they're not getting in)
- From: Chris Crowe [MVP 2005/2006]
- Re: People trying to hack my MS FTP server (but they're not getting in)
- Prev by Date: Re: 550 when connecting
- Next by Date: Re: People trying to hack my MS FTP server (but they're not getting in)
- Previous by thread: IIS 6 FTP setup no domain
- Next by thread: Re: People trying to hack my MS FTP server (but they're not getting in)
- Index(es):
Relevant Pages
|
Loading
