The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

DDOS Shells!!

Discussion in 'Security' started by Ditz, Mar 18, 2010.

  1. Ditz

    Ditz Registered

    Joined:
    Mar 2, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    I own a dedicated server with cpanel installed, i get some users putting DDOSing shells which sends ALOT of packets out and slows (somtimes crashes my server) for hours..

    I know its outgoing packets becuase i check it with iptraf.

    Thanks for anyone who trys to help!
     
  2. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Have you disabled scripts making outbound connections?

    If the scripts are targeting a specific port, you can also block that port outbound from your server as well in your firewall configuration or iptables

    If you got specific script names, you can set those up to be auto killled.

    Anyway, there is a whole lot you can do there to stop all that.
     
  3. Ditz

    Ditz Registered

    Joined:
    Mar 2, 2010
    Messages:
    4
    Likes Received:
    0
    Trophy Points:
    1
    Have you disabled scripts making outbound connections?

    How do i do this?
     
  4. Spiral

    Spiral BANNED

    Joined:
    Jun 24, 2005
    Messages:
    2,023
    Likes Received:
    7
    Trophy Points:
    0
    Firewall .... limit your outbound ports if not needed or where you notice specific questionable network activity.

    PHP .... turn off "allow_url_fopen" and "allow_url_include" and disable socket, curl, soap and other network related functions in PHP.INI

    Disable perl access (preferred) or limit to pre-approved scripts
     
Loading...

Share This Page