User comments on ISPs
  >> Other Providers (without dedicated forums)


Register (or login) on our website and you will not see this ad.


Pages in this thread: 1 | 2 | 3 | 4 | 5 | [6] | 7 | >> (show all)   Print Thread
Standard User Chrysalis
(eat-sleep-adslguide) Fri 25-Jan-13 19:25:35
Print Post

Re: Warning of Malware on Vivaciti web site


[re: Zadeks] [link to this post]
 
not in my experience, still lots of ftp break in's I see occur on many servers due to weak passwords, and indeed vivaciti seem to have even confirmed it now as a weak password issue.

BT Infinity 2 Since Dec 2012 - Estimate 65.9/20 - Attainable peak 110/36 - Current Sync 71/20
Standard User Zadeks
(experienced) Fri 25-Jan-13 19:45:09
Print Post

Re: Warning of Malware on Vivaciti web site


[re: Chrysalis] [link to this post]
 
Brute force is just only of many methods used by attackers, although it's pretty inefficient. These days it's far easier to exploit a vulnerability in a web script, server-side service or use SQL injection to extract password hashes and run them through a table or two.
Standard User Chrysalis
(eat-sleep-adslguide) Fri 25-Jan-13 23:02:25
Print Post

Re: Warning of Malware on Vivaciti web site


[re: Zadeks] [link to this post]
 
I am aware, but just posted my experience of where most exploitations have come from on servers I have access to.

web script vulns and the like can be mitigated by security filters.

BT Infinity 2 Since Dec 2012 - Estimate 65.9/20 - Attainable peak 110/36 - Current Sync 71/20


Register (or login) on our website and you will not see this ad.

Standard User Zadeks
(experienced) Sat 26-Jan-13 09:08:31
Print Post

Re: Warning of Malware on Vivaciti web site


[re: Chrysalis] [link to this post]
 
If someone is smart enough to harden a server, they'll probably go all the way and disable FTP altogether or at least lock it down.
Standard User RobertoS
(sensei) Sat 26-Jan-13 12:43:55
Print Post

Re: Warning of Malware on Vivaciti web site


[re: Zadeks] [link to this post]
 
?
If you disable FTP then hosting customer websites surely becomes a little difficult? Any normal way of allowing customers to FTP would still be hackable.

My broadband basic info/help site - www.robertos.me.uk | Domains,website and mail hosting - Tsohost.
Connection - Plusnet UnLim Fibre (FTTC). Sync ~ 54.0/14.9Mbps @ 600m. - BQM

"Where talent is a dwarf, self-esteem is a giant." - Jean-Antoine Petit-Senn.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Allergy information: This post was manufactured in an environment where nuts are present. It may include traces of understatement, litotes and humour.
Standard User Zadeks
(experienced) Sat 26-Jan-13 12:52:55
Print Post

Re: Warning of Malware on Vivaciti web site


[re: RobertoS] [link to this post]
 
SFTP over SSH with public key support is superior.

Plenty of ftpds include anti-brute-force protection. It's usually just a case of enabling it in the config.
Standard User RobertoS
(sensei) Sat 26-Jan-13 12:54:04
Print Post

Re: Warning of Malware on Vivaciti web site


[re: Zadeks] [link to this post]
 
/me showing ignorance, again tongue.

My broadband basic info/help site - www.robertos.me.uk | Domains,website and mail hosting - Tsohost.
Connection - Plusnet UnLim Fibre (FTTC). Sync ~ 54.0/14.9Mbps @ 600m. - BQM

"Where talent is a dwarf, self-esteem is a giant." - Jean-Antoine Petit-Senn.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Allergy information: This post was manufactured in an environment where nuts are present. It may include traces of understatement, litotes and humour.

Edited by RobertoS (Sat 26-Jan-13 12:54:26)

Standard User Chrysalis
(eat-sleep-adslguide) Sat 26-Jan-13 14:19:54
Print Post

Re: Warning of Malware on Vivaciti web site


[re: Zadeks] [link to this post]
 
In reply to a post by Zadeks:
If someone is smart enough to harden a server, they'll probably go all the way and disable FTP altogether or at least lock it down.


on shared hosting where the end user expects ftp, sales needs come first.

where I have the power to tho I now enforce strong passwords and apply rate limiting on login attempts.

BT Infinity 2 Since Dec 2012 - Estimate 65.9/20 - Attainable peak 110/36 - Current Sync 71/20
Standard User Chrysalis
(eat-sleep-adslguide) Sat 26-Jan-13 14:21:03
Print Post

Re: Warning of Malware on Vivaciti web site


[re: Zadeks] [link to this post]
 
I agree with both of these things, although on the former its the case of the end user using it or been willing to use it.

BT Infinity 2 Since Dec 2012 - Estimate 65.9/20 - Attainable peak 110/36 - Current Sync 71/20
Standard User vivaciti
(knowledge is power) Sun 27-Jan-13 08:52:30
Print Post

Re: Warning of Malware on Vivaciti web site


[re: Kimi] [link to this post]
 
Yes you can.
Our customers were informed of the issues and the reasons directly, had you been one of our customers, you would have received the information.

www.vivaciti.net
Vivaciti Broadband
0800 0911797

Forum
Facebook
Pages in this thread: 1 | 2 | 3 | 4 | 5 | [6] | 7 | >> (show all)   Print Thread

Jump to