Ok, I finally got everything updated from FreeBSD 8.4 to FreeBSD 10.1.
While doing the upgrade, my network was attacked by DDoS and brute-force attacks. I had to shut down my servers.
I used ftpd in the past and was currently using it. Someone on here advised not to use it since it's not secure. I was advised to use sftpd and install ssh. I got ssh installed already. I was told to use that with a firewall and fail2ban.
The thing is that I don't need to remotely use my server. In the same building I use other computers to upload code to my website via ftp. On my routers for internal networks, I have the router only accept my external IPs to connect. I have an IP whitelist.
I would feel more comfortable if I had some kind of whitelist so that, for any ftp access, they must have that IP address and MAC address. I don't know if this is possible?
So, my question here is: what is the best way to prevent hackers from getting access to your servers? Why does fail2ban work? I am on a small network, and I don't think fail2ban can stop DDoS attacks?
What are the safety measures for Apache, MySQL and Postfix? I also use Webmin to help administer the servers. I just don't want to be compromised.
What do you guys do if under a DDoS attack? I recently reported the attacks to the person's IP address. Their ISP didn't do anything at all. I was told online the only thing is to report it to the police.
How does one stop these attacks? Or at least report it in legal matters?