The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Huge Bandwidth Used

Discussion in 'Security' started by Alvin Rebulado, Oct 1, 2012.

  1. Alvin Rebulado

    Alvin Rebulado Registered

    Joined:
    Oct 1, 2012
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Sydney, Australia, Australia
    cPanel Access Level:
    Root Administrator
    Hey Guys,

    I have used a huge amount of bandwidth in our colocation for some reason. I stop all the other non-cpanel servers and still eating a lot. We suspect that the cpanel servers have been compromised. I found the below from my logs. Can anyone tell me if this is related?

    --------------------- SSHD Begin ------------------------

    Failed logins from:
    203.144.225.138 (203-144-225-138.static.asianet.co.th): 81 times
    203.240.225.12: 1081 times
    219.235.240.39: 4 times
    Illegal users from:
    203.144.225.138 (203-144-225-138.static.asianet.co.th): 4 times
    203.240.225.12: 438 times
    Received disconnect:
    11: Bye Bye : 1604 Time(s)

    Thanks

    Alvin
     
  2. Sannin

    Sannin Active Member

    Joined:
    May 19, 2011
    Messages:
    34
    Likes Received:
    0
    Trophy Points:
    6
    I can' t say about the used bandwidth but from the log you posted, i can tell that someone is bruteforcing your sshd server. So i guess you don' t have a firewall. I suggest you install csf as soon as possible.
     
  3. pwhjenny

    pwhjenny Well-Known Member

    Joined:
    Aug 31, 2012
    Messages:
    135
    Likes Received:
    0
    Trophy Points:
    16
    cPanel Access Level:
    Root Administrator
    Did you confirm your domain getting organic traffic that may be reason your bandwidth usage is high. I will check server access logs and detect wheter it is bot or any other thing using high bandwidth. Make sure you install firewall as well as block unwanted bots.
     
  4. arunsv84

    arunsv84 Well-Known Member

    Joined:
    Oct 20, 2008
    Messages:
    373
    Likes Received:
    1
    Trophy Points:
    18
    Location:
    127.0.0.1
    cPanel Access Level:
    Root Administrator
    Hi,

    Use a network monitoring tool like IPTraf. Recently I was able to find the culprit by using this tool. You can also use the top command to see if some particular script is executing and causing bandwidth usage.

    Project Home Page :- IPTraf - An IP Network Monitor

    Cheers!!!
     
Loading...
Similar Threads - Huge Bandwidth Used
  1. sweettea
    Replies:
    6
    Views:
    67

Share This Page