Switching Off Port 993 - Is Anyone Using It?

BobHoliday

Member
Sep 6, 2013
23
3
3
cPanel Access Level
Root Administrator
I'm getting pounded by distributed attacks on imap port 993. I've used ConfigServer Firewall to lock down access to only the EU, US, Aus and Canada which has helped but the country source of the attacks now has migrated with my rule change.

I'm pretty sure none of my users use 993 so I could just switch it off but I'd like to be sure.

Where can I view or monitor successful connections to 993 by legitimate users so I can see that there are none, or see who's using it and talk them into using POP instead?

TY!
 

BobHoliday

Member
Sep 6, 2013
23
3
3
cPanel Access Level
Root Administrator
I know how to configure the firewall - I know how to block port 993... I want to know if any of my server users are using it and if so which. Is there a way to do that?
 

rpvw

Well-Known Member
Jul 18, 2013
1,088
446
113
UK
cPanel Access Level
Root Administrator
See this post on StackExchange

superuser.com/questions/604998/monitor-tcp-traffic-on-specific-port/848966#848966

- you could probably modify it to suit your needs
 
  • Like
Reactions: cPanelLauren

BobHoliday

Member
Sep 6, 2013
23
3
3
cPanel Access Level
Root Administrator
I don't know if any of them are - I want to monitor the port for successful logins so I can find out. I would ask them all but none of my clients know the difference between imap and pop3 I don't suspect.