I have a VPS here at NFO running Windows server 2008
I love the VPS, gives me free reign to do whatever.
I've got: XAMPP and Two game servers running.
The other day, I noticed somebody was trying to Brute Force my FTP server. This means they were using a generic username like "Administrator" and using a hundred different password attempts.
This unsettled me, so I asked around, and found that I could check our a service called "Event Viewer" on my machine.
Sure enough, for the past MONTH there has been constant log in attempts on my computer, like an insane ammount, by various IP's
I took the IP's to this site:http://www.infobyip.com/
Found they were in totally obscure places, which led me to believe they were from a proxy.
The login attemps were almost all some variation of Admin and probably a thousand different passwords.
Occasionaly they would have very strange domain names, including the same name as my VPS! These would be used as the Username instead of Admin sometimes too!
The attacks came from every port imaginable, and have begun seeping into my different applications such as FileZilla.
This whole experience is sort of scary.. but is a good lesson that this sort of stuff happens, and that your computer should be totally locked down in the areas it can be. Strong. Passwords.
I'm going to change any passwords I have now on certain applications. The one i'm worried about it Hamachi running, as it feels insecure.
Any more suggestions that I could do to watch for this or block things off?
Hope this info helps people keep their server safe!