Since restoration of services on servers Altaria and Archevia, we have been monitoring an on going intrusion attempt to our FTP services on these servers. As of now, we have banned approximately 1.2k unique IP’s and their associated ranges.
All logs indicated that these attempts have failed repeatedly, and are all brute force attempts being made using generic user names for a default FTP installation. We do not and have never used default user ID’s, nor do we plan to in the future.
For the time being we will continue to monitor and report on further attempts, as well as maintain the security of our files and logs. We are also establishing a honeypot server code name Lykan which will have all inbound traffic aimed at the FTP services on Altaria and Archevia temporarily redirected.