We can't identify this hack on our servers!!!

Status
Not open for further replies.

pollux0 (IS-IT--Management) | Joined: Mar 20, 2002 | Messages: 262 | Location: US
Our customers reported that their websites we host are extremely slow. We tested our broadband and our upload speed was at 6 kbits/sec!! (download was normal). We believe we are being hacked because the amount of traffic generated by these sites should not cause this kind of slowdown. A couple of days later, after trying to fix this problem unsuccessfully, we opened DNS and found strange records in some of our forward zones. Most of the records were strange Alias and Host records which we deleted, but we did find a set that looked like the kind of records that are automatically created when a domain is set up. They should not be there so we deleted them. The next day some of the deleted host records reappeared; we deleted them. Since then no records have reappeared but our bandwidth is still congested.
 
First scan your server for any trojans or viruses, check any open ports you're not using, stop all the services you're not using, use a firewall, and try to monitor your network traffic. Disable any anonymous access you might have (FTP). In general, increase your security.

A+, MCP, CCNA
marbinpr@hotmail.com

Keep fighting for your knowledge!
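
The first post describes unfamiliar Alias and Host records that came back after being deleted. As an added example that is not part of the original thread, this Python script compares exported zone snapshots with an approved baseline and flags records that reappear after removal; the record names, addresses and the simplified zone-file input are constructed.

```python
# Added example: audit DNS zone snapshots against an approved baseline.
# All names and addresses below are constructed for illustration.
RECORD_TYPES = {"A", "AAAA", "CNAME", "MX", "NS", "TXT", "SRV", "PTR"}

def parse_zone(text):
    """Return a set of (name, type, data) tuples from zone-file style lines."""
    records = set()
    for line in text.splitlines():
        fields = line.split(";", 1)[0].split()  # drop comments, then tokenize
        # Find the type field after the name, skipping any TTL and class,
        # so "www 3600 IN A 192.0.2.10" and "www A 192.0.2.10" both parse.
        idx = next((i for i, f in enumerate(fields[1:], 1)
                    if f.upper() in RECORD_TYPES), None)
        if idx is None or idx == len(fields) - 1:
            continue  # blank line, unknown type, or no record data
        data = " ".join(fields[idx + 1:]).lower()
        records.add((fields[0].lower(), fields[idx].upper(), data))
    return records

def audit(baseline, snapshots):
    """Return (unexpected records per snapshot, records that came back)."""
    unexpected, reappeared = [], set()
    seen, removed = set(), set()
    for snap in snapshots:
        extra = snap - baseline          # records nobody approved
        reappeared |= extra & removed    # deleted earlier, present again
        removed = (removed | (seen - extra)) - extra
        seen |= extra
        unexpected.append(extra)
    return unexpected, reappeared

BASELINE = parse_zone("""
www   3600 IN A     192.0.2.10
mail  3600 IN A     192.0.2.20
ftp   3600 IN CNAME www
""")
DAY1 = parse_zone("""
www   3600 IN A     192.0.2.10
mail  3600 IN A     192.0.2.20
ftp   3600 IN CNAME www
host1 A     203.0.113.5   ; not in the approved list
alias1 CNAME host1
""")
DAY2 = set(BASELINE)                      # after the unknown records were deleted
DAY3 = BASELINE | parse_zone("host1 A 203.0.113.5")

if __name__ == "__main__":
    unexpected, reappeared = audit(BASELINE, [DAY1, DAY2, DAY3])
    for day, extra in enumerate(unexpected, 1):
        print(f"snapshot {day}: {sorted(extra)}")
    print("reappeared after deletion:", sorted(reappeared))
```

A record in the reappeared set means something still has write access to the zone, so the source of that update is what needs tracing, not only the record itself.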
