edilsonlsouza

Member
Aug 29, 2020
5
0
1
Brazil
cPanel Access Level
Root Administrator
Hi! I'm getting this warning:

---
We have received a notification from the German Federal Office for Information Security (BSI) for (the IP address of) a server you have with us. We are automatically forwarding this notification on to you, for your information.
---

> Affected systems on your network:
>
> Format: ASN | IP | Timestamp (UTC) | RPC response
> 24940 | 1.2.3.4 | 2022-06-07 06:00:59 | 100000 4111/udp; 100000 3111/udp; 100000 2 111/udp; 100000 4111/udp; 100000 3111/udp; 100000 2 111/udp;
> 24940 | 1.2.3.5 | 2022-06-07 07:59:30 | 100000 4111/udp; 100000 3111/udp; 100000 2 111/udp; 100000 4111/udp; 100000 3111/udp; 100000 2 111/udp;

How to solve this?

Thanks!
 
Last edited by a moderator:

cPRex

Jurassic Moderator
Staff member
Oct 19, 2014
16,597
2,617
363
cPanel Access Level
Root Administrator
Hey there! Whenever you receive a message like that, I would check the headers to ensure that it is legitimate.

The message itself doesn't seem to provide much information. Are they saying there is "bad" traffic coming from your server? If so, it looks like your server is making outbound UDP connections, leading to this issue.

This isn't something that would be related to the cPanel tools on the system, so I'd recommend checking the network activity on the server directly to see if you can isolate that traffic.
 
  • Like
Reactions: edilsonlsouza