Security problems ?!

B

BadSpeed

Verified User
Joined
Nov 20, 2004
Messages
30
I had some usual traffic (100% more than usual) on my server.
I'm currently using Direct Admin.

And i may have been attacked my some people.
Wanted to know if there were some security patches for DA or if there is a way for people to use DA in order to get 40mbps up and down on my server.

Cause I need to find how this happen and mainly I have an SSH and DA ( with Apache, Proftp and co) on the server and that is it :D

Thx for your time
 
Your server may have been compromised, hit with a DOS attack, or just may have gotten a lot of hits; you really don't give enough information to determine which.

There are lots of threads on these forums explaining how to update the packages DA maintains. As for packages included in your OS, you'll have to use your OS tools to manage them; many of us set up automatic updating as defined by our OS of choice.

DA by itself neither allows nor disallows the amount of traffic your server can or does use; it just doesn't care.

For apache, search these forums for mod_throttle.

Jeff
 
I wish I can give you more infos... but I don't have any.
The people who rent me the server told me that I was making over 40 mbps up and down.
I've looked at the logs and didn't find anything about this traffic.

My guess is a DOS attack, but I really don't know why ... :s (The server is for personal use (me and some friends))

Anyway I'm gonna update my apache and stuff :)
 
Good Idea.
There is also a Domain Monitoring tool in the 3rd party forums which will collect usage for each domain. It might help you determine which domain is causing it.

I think there is also a tutorial for configuring an apache module to limit the number of connections per ip per second depending on what rules you specify.

All that is assuming that it is a DoS attack, and directed specifically at apache.

A firewall blocking all non essential ports is also a good idea.
 
You must log in or register to reply here.
Back
Top