network flooded with requests

Amos Tan

Registered
Oct 14, 2014
1
0
1
Singapore, Singapore
cPanel Access Level
Root Administrator
Hi all,

Recently I have been testing out Cpanel till one day, my network was flooded with request for something, causing a network outage. After identifying those IP, added firewall rules to drop request from such IP from my router as a temporary solution.

After investigating, i notice a very high network traffic in every hour for 5mins, a very specific time frame?

after checking netstats -apn

Found connection to some IP very suspicious which is suspended in SYN-SENT 413807/Smarvtd for very very long hours.


Two processes or files i find very suspicious "smarvtd" and "sshhdd"

What's going on?
 

cPanelMichael

Administrator
Staff member
Apr 11, 2011
47,904
2,218
463
Hello :)

You can run a malware scanner on your system (e.g. CXS, Maldet) to see if anything is detected, but typically you should consult with a qualified system administrator or security specialist if you are concerned about a security-related issue with your system.

Thank you.