The friendly name of my server was changed to a, let’s say, not so family friendly name. I changed the password on my account and blocked the incoming port for now. I am looking through the logs. Does this mean someone hacked my account or could it have been changed through the open port? The password on the account was reasonably secure with 10 characters, symbols, and numbers.
If you think you were hacked;
- make certain you don’t have any other security holes via ssh / telnet / remote desktop / etc to your computer itself.
- If your server has not been set to require secure connections (except for local lan) enable it.
- If you have a reverse proxy, double check it. When misconfigured, a remote connection can appear as if local, giving them unrestricted access to your server
- Go to Plex.tv. Sign into your account, Change the password, and, most importantly, check the box to kick/disconnect/sign out all devices. Doing so will break all connections. You will have to reauthenticate with all your accounts. If anyone has your password, it will be voided.
Besides above, when changing the password a tip is to also check the setting that enables email only login. It makes it a tad bit harder at least since your email isn’t visible here for instance.
Is your server running on FreeBSD or FreeNAS?
If so, check the advanced server settings, especially the setting
disableRemoteSecurity
it must either be set to 0 (or it must not exist at all)
