Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Is this an indication I was hacked?

Discussion in 'General Discussion' started by Webmaster Mitch, Oct 28, 2009.

  1. Webmaster Mitch

    Jan 7, 2009
    Likes Received:
    Trophy Points:
    A few days ago I was getting hourly reports that two of the sub-domains on my server had suspicious processes running. I couldn't figure out what they were, so I rebooted the server. Those messages have not returned.

    However, in my Logwatch email, in the Named section, I have the following messages;

    **Unmatched Entries**
    /etc/named.conf:13: using specific query-source port suppresses port randomization and can be insecure.: 1 Time(s)
    adjusted limit on open files from 1024 to 1048576: 1 Time(s)
    network unreachable resolving './NS/IN': 2001:500:2f::f#53: 1 Time(s)
    network unreachable resolving '': 2001:7b8:3:1f:0:2:53:2#53: 1 Time(s)
    network unreachable resolving '': 2001:7b8:3:1f:0:2:53:1#53: 1 Time(s)

    ... 1,071 more entries in between ...

    network unreachable resolving '': 2001:dc7:1000::1#53: 1 Time(s)
    network unreachable resolving '': 2001:dc7::1#53: 1 Time(s)
    the working directory is not writable: 1 Time(s)
    using default UDP/IPv4 port range: [1024, 65535]: 1 Time(s)
    using default UDP/IPv6 port range: [1024, 65535]: 1 Time(s)
    using up to 4096 sockets: 1 Time(s)

    I don't understand what's happening or what I should do about it. Any suggestions will be deeply appreciated.

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice