Hi,
Recently i have 2 security incidents caused by outdated software used by our customers (shared server).
In both cases an outdated joomla installation permit code execution and my server was been used to try brute-force attacks to others servers wordpress.
Something like this: https://nixtree.com/blog/detecting-word ... om-server/
My question is how is possible to prevent and detect this. What is the best way to deal with this because i can't force all customers to have updated software and i believe that exist a way to sniff periodicly the traffic or check the outgoing traffic, etc...
I'm looking for some security tool for that. Some ideas?
Thanks for advice,
Wilson
howto prevent outgoing brute-force attacks
-
- New Forum User
- Posts: 1
- Joined: Wed Nov 23, 2016 9:09 am
- Location: Brazil
Re: howto prevent outgoing brute-force attacks
Well, I'd be keen to know why the site was able to be compromised if your server was running ASL.
I know that ASL can't protect against everything. One site on one of our systems was compromised via a vulnerability in the script. But if we can discover what was going on, it might help to create a new rule to protect against the same thing happening again.
I know that ASL can't protect against everything. One site on one of our systems was compromised via a vulnerability in the script. But if we can discover what was going on, it might help to create a new rule to protect against the same thing happening again.
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>