|
What is a Malware attack
After wasting a week of my life cleaning up from a Malware attack I have been told;
The happen by forcing the FTP password Then by weakness in the web design (but no explanation on what exactly. I would have thought is would be easy to defend against multiple attempts to log in... I was also told that the attack could come from the uploading or home computer but but anti virus and Microsoft's malware program failed to detect anything. If it is a password problem is it true that usealongsentenceasaspasswordinbetterthan HgtSd55^&8 that it is the length is the stronger PW? |
What FTP program do you use as some are quite easy to steal the password from?
|
Quote:
|
I hope you people are just using "FTP" as a generic term, and you really mean SFTP or SSH, because FTP went out with Gopher and Archie. If you really are using FTP then stop, because it's not secure.
|
Quote:
It doesn't have to be *YOUR* computer that got virused - it could be a designer you hired, a programmer, a copywriter, an seo guy, or even a server admin who's computer was infected with soemthing and had your login data saved somewhere. |
Grim news, the irony is that we were having problems uploading large files and our host recommended Filezilla, and Fillezilla does work very well.
|
:1orglaugh :1orglaugh:1orglaugh :1orglaugh :1orglaugh
|
Quote:
|
Quote:
We had a major malware issue here recently also - but it had nothing to do with FTP. We got the Ukash virus, which seemed to mutate into various forms. It busted through both our anti-virus and firewall and literally locked the system up. It took me three days to completely eliminate it. No permanent damage, just major annoying with the downtime. |
Try using Secure FTP (SFTP) to feel more secure.
|
|
So it could be Filezilla, it could be our computer, it could be our site PW was hacked, it could be a weakness in our website...
|
My advice is to use SFTP and a strong password with capitals and non capital letters, numbers and symbols. :2 cents:
|
Quote:
thisisreallyeasytorememberasapasswordforexample is better than TerD5$$&*H |
^ Why not just make the second one longer.
|
Quote:
so, the solution is 1. Use Total Commander because it has password encryption (versions > 7.5) 2. Use FileZilla portable edition from PortableApps.com because then the virus doesn't know where filezilla is installed. All those viruses scan "c:/Program Files/" folder for installed applications or search the registry... So, by using Portable Applications you will hide from possible attacker information that you are using that software... You can also put that on USB drive and carry with you or store it on Dropbox and use it on any computer, wherever you are... |
this link says your long password is better, see for yourself:
http://howsecureismypassword.net/ |
Quote:
|
Quote:
Thats what all women really think, but simply wont admit... |
Quote:
A single password with uppercase letters only will require up to 26 attempts to crack, but increase that to two and we're now at 676 (26 x 26)... go up to 10 and it's a number I'd have difficulty comprehending... 141,167,095,653,376 Of course there's no point having a "good" password if you're transmitting it cleartext via FTP, or you have something on your desktop or server that is catching the password as it's used. |
Quote:
https://www.grc.com/haystack.htm Example password I typically use 100 char + High ANSI characters „2?“=ŠQƒH[}ƒš!mba͵RXDx…n†!MM‰HJް1k5‚;7b C$wV~V‡‡ͨ7K‹hYœ Massive Cracking Array Scenario: (Assuming one hundred trillion guesses per second) 1.81 hundred million trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion trillion centuries |
Quote:
Thisisveryeasytorememberasitisinwordsbutverylong seems to be the way to go |
| All times are GMT -7. The time now is 12:08 AM. |
Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2025, vBulletin Solutions, Inc.
©2000-, AI Media Network Inc123