How do I find total server bandwidth info ?

4

4u123

Well-Known Member
PartnerNOC
Jan 2, 2006
948
29
178
Hi,

An account was hacked yesterday afternoon and they uploaded some bots and stuff to the users images folder and a cmdtmp file to /tmp the server was taken offline by the DC because of excessive bandwidth usage. It looks they used one of the scripts to initiate a DOS attack against another host.

I dont need any advice on securing the server - my question is about bandwidth.

The WHM bandwidth usage stats say that the server has only used 10GB. How do I find out exactly how much bandwidth usage the server has used so I can compare it to what the DC claims to be the usage ? (I've never been in this position before so Ive never needed to know how to do this until now)

They seem to think that we have used up our entire bandwidth allocation for our 35 servers in one night, just with that incident - which I am very dubious about.
 
Last edited:
J

jayh38

Well-Known Member
Mar 3, 2006
1,212
0
166
I believe you will pretty much be at the mercy of the DC. Whm will be your only offering for bandwidth "guess". Of course this is all meaningless if you been hacked as anything can and may have been modified.

all the bandwidth for 35 servers in one night? that would have raised an alarm in their network unless your servers are small vps accounts or very small bandwidth allocations. How much traffic are you talking about here?
 
4

4u123

Well-Known Member
PartnerNOC
Jan 2, 2006
948
29
178
The DC havent told me yet what the usage was but they indicated that the server was pumping out 100 Mbits constantly.

I'd argue that they should have procedures in place for sudden spikes like that - it should be down to them to put systems in that warn when a server suddently starts using 100 times its usual bandwidth.

After all - on servers that are not rigidly maintained - its not unusual for PHP sites to get hacked these days and in most cases its common for these irc bot / dos attack scripts to be uploaded to the server when it happens. If the DC cant identify sudden massive changes in usage then I think its going to cost alot of people alot of money.

The DC said this....

"Unfortuantly all this traffic has pushed you over your bandwidth allowance for all servers which means our providers will hit us with a bandwidth overage charge which we will have to pass on to you. I will send over the stats in an email to you later.
"

I've been running cpanel servers for 4 years and I've never had this problem before on this scale.
 
You must log in or register to reply here.
Thread starter Similar threads Forum Replies Date
R CPanel resources issue find Account Administration 8
M Where to Find a FULL Audit of cPanel Login History - Successes and Failures (not WHM) ? Account Administration 2
F domain name doesn't resolve correctly and i didn't find any solution for it Account Administration 4
R Find cPanel ID associated with brand e-mail addresses Account Administration 4
T SOLVED How to find total disk space ? Account Administration 14
Similar threads
CPanel resources issue find
Where to Find a FULL Audit of cPanel Login History - Successes and Failures (not WHM) ?
domain name doesn't resolve correctly and i didn't find any solution for it
Find cPanel ID associated with brand e-mail addresses
SOLVED How to find total disk space ?
Top Bottom