I’m not saying names right now but I have had two very suspicious ftp attacks on my servers in recent month, one of which would have bankrupted my company had i not caught it that day.
Why would i say this?
Well the break-in took place on a server that sits behind a pix firewall which just shows up as a black hole with your standard port scan. So the only people who have the logs that an ftp server lives there are my ISP.
The password has lowercase and uppercase characters as well as numbers AND punctuation. I don’t use this password anywhere else. Again the only people who could find this password on a clear text authentication service such as FTP is the ISP.
What happens & so what?
Both times I’ve had the FTP server flooded with empty directories which pegs my bandwidth usage to 94Mb/Sec! Only a local server could sustain that kind bandwidth for more than a FULL HOUR!
Had I not caught this when it happened my bill could have been over $10,000 in one month for bandwidth usage as it would have been billed based on an over usage rate.
your ads here (468x60) - after 1st post.