Stronbox website will be moving to https://www.comglobalit.com/en/strongbox/ in the next weeks
Strongbox Support Email: strongbox@comglobalit.com
--
Clonebox website will be moving to Clonebox.net
Clonebox Email: support@bettercgi.com

There are two main types of notices you may receive. One type will mention an apparent brute force attack in the email. Those indicate that indeed someone is probably trying a brute force attack, or to be more technically correct a dictionary attack. That's really nothing to worry about most of the time. In the rare case where the attacker is able to put enough load on the server to make it noticeably slower or the attack goes on for more than a couple of hours you may want to take some action. If the attack is not noticeably slowing the server or going on for days, just smile and be glad that Strongbox is protecting you.

If some action IS needed, look at the Strongbox reports, checking to see if just a few IPs are responsible for most of the attack. If so, those few IPs can be directly blocked via .htaccess or better yet via your firewall. On the other hand if the attempts are fairly evenly spread over thousands of IPs, we have some addon scripts you can use to help Strongbox more efficiently handle such a huge attack by automatically adding IPs to .htaccess or preferably to your firewall in an efficient manner.

On the other hand, there is another type of email that warns you of compromised passwords. If you get many of these with different user names that means many of your passwords are compromised. Most likely, the attacker has found some security hole in some PHP script you use and used it to download your whole password file. Because your password file is using decades old encryption that can be easily cracked, the attacker then decrypts all of your passwords and posts them on password sites. This can be a real headache. If this has NOT happened to you yet, imagine what it would be like if it did and consider upgrading your processor's password management script to our improved version with strong encryption. More information on how to prevent that and what to do if it has already happened is available on our site:

http://bettercgi.com/strongbox/passgen/

http://bettercgi.com/strongbox/passgen/alreadyhacked.html


HomePage
This page is read-only |
Last edited 2007-07-16 8:47 pm
Search: