Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

How can we locate malicious port-scanner on server?

Discussion in 'General Discussion' started by jols, Sep 10, 2006.

  1. jols

    jols Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,111
    Likes Received:
    2
    Trophy Points:
    168
    Just received this via email today:

    "This IP address, xxx.xx.x.xx (our server IP went here), is constantly doing port scans and trying to get into my firewall. Please resolve this matter ASAP."

    I assume this is due to some goofball uploading a malicious port-scanner, probably written in binary, probably in a hidden directory, etc.

    Question - How can we look for this? Netstat? (I know very little about how to use Netstat.)

    By the way, I just ran the latest version of rkhunter and everything looks good there.

    Thanks for any response.
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice