<p><strong>When installing HIDS security components in the cloud host, there&#39;s a reminder saying installation failure. What&#39;s the solution? </strong></p> <p>1) Confirm that the cloud host/usr/local/ has permission to install HIDS;&nbsp;</p> <p>2) Whether the cloud host runs normal.</p> <p>&nbsp;</p> <p><strong>How to uninstall HIDS security components</strong></p> <p>Log in Ping An Cloud security product console, click &quot;Uninstall&quot; on the server list page.</p> <p>&nbsp;</p> <p><strong>Solution to brute-force attack </strong></p> <p>Upon successful password cracking, the server may have been hacked with a backdoor left.</p> <p>1) Check the server&#39;s security status to see whether there are other unknown accounts or Trojan files; if yes, please delete it and repair immediately;</p> <p>2) Suggest resetting the server, and setting a complex password containing 15 or more letters, numbers and special characters;</p> <p>3) Use HIDS baseline detection to check the security configuration of your account and password.</p> <p>&nbsp;</p> <p><strong>Solution to abnormal login</strong></p> <p>Identify abnormal login based on the administrator&#39;s common login location; check the login records carefully; if login is not by the administrator, the password may be leaked and you need to perform a careful security check of the server.</p> <p>&nbsp;</p> <p><strong>There&#39;s still a brute-force attack reminder after modifying port 22 configuration. </strong></p> <p>The abnormal HIDS login function detects brute-force attacks based on the frequency of attempting to log in the SSH service, regardless of the port. Thus, even if you&#39;ve modified the default port for the SSH service, HIDS can still detect attacks and alert you when a malicious attacker tries to brute-force attack your SSH service.</p> <p>&nbsp;</p> <p><strong>Add a white list, including login, webshell and malicious process</strong></p> <p>1) Take the following steps in Ping An Cloud&#39;s console</p> <p><img src="https://obs-cn-shanghai.yun.pingan.com/pacloud/20172712164631-179e1a739af0.png" style="height:173px; width:860px" /></p> <p>2) Click &quot;Add White List&quot; on the right</p> <p><img src="https://obs-cn-shanghai.yun.pingan.com/pacloud/20172712164705-1ff758579606.png" style="height:339px; width:860px" /></p> <p>3) Select &quot;IP Address&quot;, select a server and enter the login source IP, click OK</p> <p>&nbsp;</p> <p><strong>Reasons for and solution to abnormal server protection status </strong></p> <p>HIDS security components are not connected to the server, resulting in abnormal back-office display. It is suggested to re-download the security components for installation. The reasons for being offline may be as follows:</p> <p>1) The server has enabled firewall rules;</p> <p>2) The third-party malware installed damaged the security program.</p> <p>&nbsp;</p> <p><strong>Solution to failure to detect Trojan (false negative)</strong></p> <p>If there is any Trojan failed to be detected, submit it to the Ping An Cloud security team through the work order for quick identification.&nbsp;</p> <p>&nbsp;</p>
Did the above content solve your problem? Yes No
Please complete information!

Call us


Email us


Online customer service

Instant reply

Technical Support

cloud products