egafd.com

I have just suffered a Brute Force Attack and read in Wikipedia that the machine to do this cost $25,000 so whoever it is must be quite powerful. If I knew who it was then I could become friends with their enemies!

Also they overloaded my Webmail with over 4000 SPAM emails and deleted my entire address book.

Anyone got any information on this?

Mike Freeman.

Hi mike,iv hard of simple programs using Brute Force Attacks on systems,scanning ip config & mac spoofing software can have a Brute Force on it,thats all i no,check a whitehat hacks site,defcon should give you a answer.

A brute force attack can be done by anybody, there are countless programs on the net that will do it for free and anybody with some brief programming knowledge could write a simple program in a couple of lines.

Most of them can be done by a single individual, using a single internet connection, if the security on your systems is very weak. If the security is stronger it normally requires significantly more connections (normally a bot net).

I don't know why anybody would feel the need to target yourself, so it could just be that your host was targeted and they got access to your account when they compromised the root/admin account for the server. Either way any user/pass combo you used for your email is now insecure and you should make sure to change it immediately after the security of the server has been confirmed.

Hi Twingo,
I am thinking of changing my host because I keep getting blocked, both Webmail and Control Panel and they keep sending me messages saying it's unblocked with a list of login failures. What do you think that I should do?
Mike Freeman.

Hi Stefano,
Don't quite understand your message but thanks anyway.
Mike Freeman.

Does the list they send you contain any information as to what IP address is being used when the login fails, as this would indicate where the attacker is coming from. I would probably send them a request and see what they are willing to do to help you out, they could put a block on your account with the exception of your ISP or even your IP if its static. If they are not willing to help i would seriously consider moving.

If you do, you should make sure that the user/pass for your new control panel should be different to your name/website domain names, doing so will make it a lot harder for them to target you.

As for your webmail you can move your entire over to googles email system, completely free of charge (still using the same email address you currently have). It has one of the best spam blockers (postini) and would probably be a harder target for attackers. It's also independant of your webhosting, so it means if one gets hacked it cant compromise the other

Twingo,
You were right it was the host under attack and not just me. I am wondering how to move my mike@eroticartist.co.uk to GMail.
Thanks for all the technical advic that you have given me now and in the past Mike Freeman

Mike

First of all you have to sign up to the "Google Apps Standard Edition" its completely free and you can do so here http://www.google.com/apps/intl/en/group/index.html

Click the blue "Get Started" button on the right hand side.
Select you wish to use "an existing domain name"
Select you are an administrator and that you own the domain
Type in your domain name (eroticartist.co.uk)

Once you have gone through the necessary steps (not much), your free google account for that domain will be setup on google sides. Then you will have to change the MX records for your domain to google, once this is complete your email will now be hosted on google. Full instructions for making the "MX Records" change will be on the google page, however if you get stuck you can post back here and i'll get you any info you need.

Google will allow you to use 50 free email addresses for that domain, with ample of space and one of the best anti-spam.