The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

network flooded with requests

Discussion in 'Security' started by Amos Tan, Oct 16, 2014.

  1. Amos Tan

    Amos Tan Registered

    Joined:
    Oct 14, 2014
    Messages:
    1
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Singapore, Singapore
    cPanel Access Level:
    Root Administrator
    Hi all,

    Recently I have been testing out Cpanel till one day, my network was flooded with request for something, causing a network outage. After identifying those IP, added firewall rules to drop request from such IP from my router as a temporary solution.

    After investigating, i notice a very high network traffic in every hour for 5mins, a very specific time frame?

    after checking netstats -apn

    Found connection to some IP very suspicious which is suspended in SYN-SENT 413807/Smarvtd for very very long hours.


    Two processes or files i find very suspicious "smarvtd" and "sshhdd"

    What's going on?
     
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,696
    Likes Received:
    656
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello :)

    You can run a malware scanner on your system (e.g. CXS, Maldet) to see if anything is detected, but typically you should consult with a qualified system administrator or security specialist if you are concerned about a security-related issue with your system.

    Thank you.
     

Share This Page