Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Thread Tools Display Modes
Prev Previous Post   Next Post Next
Old 20th August 2012, 12:57
Hagforce Hagforce is offline
Senior Member
Join Date: Feb 2006
Posts: 210
Thanks: 37
Thanked 1 Time in 1 Post
Default Urgent. Server used for SYN flood attack


I have a server with Ubuntu 10.04 LTS and ISPConfig 3.
Use it for some Joomla sites, and som other self composed sites.

The server now seems to be used to run SYN flood attack to some destinations.
So I think one of the websites have a security issue, and a script is run.
When I shut down apache, the activity stops.

But I have a hard time tracking down witch website it is, and where the script is. When I know this, the security issue must be dealt with.
I do not want my server being used to cause trouble for others.

I need some quick help here, how do I find witch file the SYN flood originates?
Any way to use lsof, netstat or something?
netstat shows me the connections, but not where they where initialized from.
Reply With Quote
Sponsored Links


Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
Local mail server - final touch Alexhor Installation/Configuration 4 12th April 2012 23:33
amavis & ispconfig 3 yalex2000 Installation/Configuration 20 18th February 2010 18:02
I don't recieve mail. privir Installation/Configuration 2 3rd June 2009 23:08
Problems with Postfix Mysql Courier PatrickAdrichem Installation/Configuration 3 13th April 2007 16:44
The Perfect Setup Suse 9.3 - Postfix problems new_bee05 HOWTO-Related Questions 20 25th November 2005 03:30

All times are GMT +2. The time now is 05:05.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.