PDA

View Full Version : helpful for tracking intruders to your vu+


irishchris
14-10-10, 00:54
if you add the following line to your ccam.cfg
LOG WARNINGS: /tmp/warnings.txt

it creates a log of people trying to access your vu+ without your consent. you will find the log if there is in your tmp folder. i added it today and found an average of 40+ every minute from the same 8 ip numbers. was hogging bandwidth and worrying to say the least so had to scrap that and changer dyndns id. most worrying thing is it prob has been going on for months people trying to accees my vu+ config without me knowing. try it yourself and hopefully your log will be empty unlike me :eek:
irishchris
14-10-10, 09:31
ok checked new config after 12 hours and now does not create a log as noone is now getting access to my vu+ finally :)
malsat
14-10-10, 14:57
Will it take up memory ?
can it be auto over writen ?
irishchris
14-10-10, 19:01
it uses memory on temp which is wiped if you restart the box but uses only small amount if someone is accessing your box without your knowledge. if not then it does not use any temp memory
ttt1892
14-10-10, 19:13
I`m being thick here, so be gentle. Will this log my clients or just people who shouldn`t have access?
Thanx.
ttt.
ttt1892
14-10-10, 19:18
I have 69 intruders since I posted. But everyone was a failed login,so I assume my box is secure?

ttt.
zola25
14-10-10, 19:29
It just logs ips that are not in your cfg file.
They cant get in but the constant requests slow down cccam, they usualy come from lines you just deleted without informing your Shares
ttt1892
14-10-10, 19:35
290 and counting. http://www.smileys.me.uk/smileys/Party/party0024.gif (http://www.smileys.me.uk/smileys/Party/). Thing is I don`t have anyway of contacting the ones I deleted.So it looks like they will keep on trying until they delete me.
Ah well........Thanx for the info.

ttt.
irishchris
14-10-10, 20:01
right i find this strange as i changed my dyndns and port today but there are about 4 attempts per hour failed on my log now and it is from peers ips that i allow and that are connected???
Sicilian
14-10-10, 20:05
Just a little comment from me, this is sailing close to bordering a rule break, please do not go into too much detail with this ;)
irishchris
14-10-10, 20:15
thanks had not considered that apologies again boss
ttt1892
14-10-10, 20:31
Just need to know,as long as these login attempts show as failed,then it`s not a real problem in the grand scheme of things? Mainly security?

ttt.
zola25
15-10-10, 16:33
Not a problem for security and sorry boss