howto prevent outgoing brute-force attacks

Community support for Plesk, CPanel, WebMin and others with insight from two of the founders of Plesk. Ask for help here! No question is too simple or complicated. :-)
wgalafassijr
New Forum User
New Forum User
Posts: 1
Joined: Wed Nov 23, 2016 9:09 am
Location: Brazil

howto prevent outgoing brute-force attacks

Unread post by wgalafassijr »

Hi,

Recently i have 2 security incidents caused by outdated software used by our customers (shared server).
In both cases an outdated joomla installation permit code execution and my server was been used to try brute-force attacks to others servers wordpress.
Something like this: https://nixtree.com/blog/detecting-word ... om-server/
My question is how is possible to prevent and detect this. What is the best way to deal with this because i can't force all customers to have updated software and i believe that exist a way to sniff periodicly the traffic or check the outgoing traffic, etc...
I'm looking for some security tool for that. Some ideas?

Thanks for advice,
Wilson
faris
Long Time Forum Regular
Long Time Forum Regular
Posts: 2321
Joined: Thu Dec 09, 2004 11:19 am

Re: howto prevent outgoing brute-force attacks

Unread post by faris »

Well, I'd be keen to know why the site was able to be compromised if your server was running ASL.

I know that ASL can't protect against everything. One site on one of our systems was compromised via a vulnerability in the script. But if we can discover what was going on, it might help to create a new rule to protect against the same thing happening again.
--------------------------------
<advert>
If you want to rent a UK-based VPS that comes with friendly advice and support from a fellow ART fan, please get in touch.
</advert>
Post Reply