1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Warning about using Webmin (port 10000)

Discussion in 'Plesk for Linux - 8.x and Older' started by jamesyeeoc, Jun 28, 2005.

  1. jamesyeeoc

    jamesyeeoc Guest

    For those of you out there who have decided to use Webmin on your Plesk server, be advised that several of my honey pot servers have (the last couple of days) been showing signs of dictionary and brute force password attacks happening.

    So if you have not already done so (and I *know* you're out there), you should make sure the interface is only accessible from your IP instead of from all/any IPs....

    Make sure (obviously) that you have a *strong* password.

    Maybe change the default port from 10000 to some other port.

    I just love seeing what they try to do when they find a (sacrificial) server which looks exploitable or hackable..... rofl

    ...and all they're doing is giving me logs full of their IP addresses to report....
  2. sieb@

    sieb@ Guest

    This happens nightly to my ssh and ftp ports, all they accomplish is filling my logs with denied entries.. ug..
  3. jamesyeeoc

    jamesyeeoc Guest

    Yeah, I figured those occur all the time, so I don't worry about that, but it's not often I see anyone latch onto port 10000 and try to break a password (not as commonly anyways).

    You aren't still running your SSH on the default port are you? (if you are, then shame on you!) :)
  4. fgilain

    fgilain Guest

    how could i change the default port for SSH ?
  5. jamesyeeoc

    jamesyeeoc Guest

    Edit the /etc/ssh/ssh_conf file (or wherever it is on your particular server) and change the Port line to a different number, then restart the sshd service
  6. atomicturtle

    atomicturtle Golden Pleskian

    Nov 20, 2002
    Likes Received:
    Washington, DC
    I run mine on the default port, since finding SSH on another port is trivial. A more robust solution would be to use RSA/DSA public key authentication. Then you can disable password authentication completely, so they can try and brute force the port until the cows come home, it would never work.