I had very slow internet for a while today and then my router finally crashed,
I had my webserver and my mail server running, luckily my mail server requires
authentication for smtp because I cheked it's log and there were a shitload of
bruteforce attempts from 67.152.208.130, Which would have explained the 3000
connections my router showed connected to my server. I found out that this is a
sbs 2k3 box that I'm pretty sure has been "compromised", Talked to Road Runner
and asked them if they could let the server owner know that their server may have been
compromised. I guess this is why Road Runner doesn't want people running mail servers,
luckily mine was secure , Now I just need to setup a router that actually blocks ip's after
a certain amount of concurrent connections.
I had my webserver and my mail server running, luckily my mail server requires
authentication for smtp because I cheked it's log and there were a shitload of
bruteforce attempts from 67.152.208.130, Which would have explained the 3000
connections my router showed connected to my server. I found out that this is a
sbs 2k3 box that I'm pretty sure has been "compromised", Talked to Road Runner
and asked them if they could let the server owner know that their server may have been
compromised. I guess this is why Road Runner doesn't want people running mail servers,
luckily mine was secure , Now I just need to setup a router that actually blocks ip's after
a certain amount of concurrent connections.