The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Was I DDoS-ed (URGENT)

Discussion in 'General Discussion' started by Giorgi, Jun 8, 2007.

  1. Giorgi

    Giorgi Member

    Joined:
    Mar 11, 2007
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    151
    Hello gr8 ppl...

    My server freezed for several hours, then I recieved this report:

    Code:
     --------------------- iptables firewall Begin ------------------------


 Logged 27149 packets on interface eth0
  From 61.9.191.55 - 1 packet to udp(33034)
  From 61.153.241.110 - 2 packets to udp(1434)
  From 61.178.178.43 - 1 packet to udp(1434)
  From 62.16.148.158 - 1 packet to tcp(2967)
  From 62.107.166.220 - 1 packet to tcp(2967)
  From 62.167.71.122 - 4 packets to tcp(5900)
  From 62.168.191.226 - 3595 packets to udp(5353) tcp(1049,1056,1068,1074,1112,1125,1146,1183,1200,1202,1211,1216,1217,1234,1237,1260,1286,1312,1318,1337,1340,1343,1347,1372,1373,1374,1385,1400,1408,1409,1411,1412,1441,1468,1479,1491,1493,1501,1502,1561,1572,1588,1618,1695,1700,1702,1718,1720,1723,1758,1767,1770,1771,1798,1799,1811,1873,1883,1887,1889,1914,1940,1943,1969,1970,2009,2024,2035,2065,2069,2079,2080,2081,2116,2121,2156,2182,2187,2193,2207,2208,2240,2278,2279,2297,2343,2344,2374,2462,2545,2573,2589,2604,2605,2728,2729,2738,2758,2783,2785,2805,2806,2810,2827,2840,2845,2857,2859,2890,2938,2954,2962,2980,2993,2997,3064,3099,3137,3195,3196,3246,3264,3268,3322,3323,3339,3380,3386,3472,3479,3514,3526,3565,3634,3705,3713,3715,3721,3726,3729,3731,3845,3936,3953,3955,3962,4231,4260,4262,4319,4322,4346,4356,4417,4421,4434,4462,4513,4604,4721,4760,4806,4808,4834,4849,4894,4972,5470,6338,6451,7296,9596,10008,10106,10119,10125,10200,10225,10238,10247,10302,10304,10371,10450,10460,10478,10493,10498,10510,10517,10518,10521,10522,10523,10554,10559,10587,10633,10678,10723,10734,10747,10766,10790,10794,10810,10860,10864,10868,10878,10886,10994,11061,11066,11109,11115,11134,11140,11263,11348,11373,11413,11419,11438,11476,11493,11588,11683,11697,11900,11910,11964,11988,12015,12016,12017,12130,12167,12268,12351,12352,12353,12354,12381,12511,12513,12517,12585,12600,12699,12716,12725,12727,12833,12865,12977,12983,13113,13180,13229,13243,13256,13267,13270,13486,13610,13640,13662,13686,13720,13787,13805,13806,13824,13894,13903,13932,13949,13956,14000,14163,14248,14436,14616,14666,14773,14776,14839,14875,14962,15000,15149,15194,15258,15325,15445,15472,15629,15702,15712,15990,16180,16267,16301,16813,16827,16847,16864,16903,17077,17105,17446,17447,17841,17992,18108,18109,18174,18450,18451,18460,18462,18463,18472,18529,18530,18531,18532,18585,18587,18610,18665,18670,18972,18993,19067,19105,19158,19255,19667,20467,20565,20567,21192,21392,21741,21769,22162,22257,22795,23061,23706,23869,23881,24032,24268,24899,25000,25171,25500,25608,25725,25822,25964,25965,26032,26714,26716,26717,27478,27665,27741,27891,27954,28012,28079,28080,28108,28313,28317,28419,28535,28602,28603,28645,28896,28926,28959,29079,29258,29576,29723,29787,30441,31330,33819,33820,33822,33824,33827,33828,33934,34273,34482,35760,36529,36995,36998,37156,39957,42687,43291,47234,49461,49568,49617,50117,50144,50156,50159,50356,50413,50414,50416,50441,50442,50457,50576,50582,50607,50630,50677,50706,50708,50835,50836,50837,50903,51857,52255,52422,52471,52493,52649,52765,53182,53760,54266,54546,54611,54771,55017,55018,55333,56404,57135,57219,57228,57421,57434,57491,57494,57496,57497,57526,57912,57941,58807,59347,59910,60518,61626,62067,62423,62458,62892,63059,63100,63263,63398,63557,63803,64114)
  From 62.183.18.98 - 1 packet to tcp(2967)
  From 62.215.37.86 - 2 packets to tcp(1433)
  From 62.234.141.16 - 1 packet to tcp(2967)
  From 62.241.74.157 - 2 packets to tcp(5900)
  From 64.12.51.146 - 1 packet to udp(32768)
  From 71.229.151.213 - 1 packet to udp(1026)
  From 74.160.70.224 - 2 packets to tcp(5900)
  From 75.111.89.191 - 2 packets to tcp(5900)
  From 81.105.27.202 - 1 packet to tcp(5900)
  From 84.147.210.181 - 4 packets to tcp(5900)
  From 85.114.252.43 - 1 packet to udp(27015)
  From 85.116.64.27 - 4 packets to tcp(1570,5168)
  From 85.117.34.181 - 30 packets to tcp(9000)
  From 88.210.198.9 - 2 packets to udp(27015)
  From 88.210.217.197 - 1 packet to udp(27015)
  From 122.128.227.97 - 1 packet to tcp(5900)
  From 125.46.36.102 - 12 packets to tcp(2268,2354,2497,2503,2525,3128,6588,6649)
  From 142.162.239.9 - 4 packets to tcp(5900)
  From 149.174.54.131 - 1 packet to udp(32768)
  From 149.174.54.132 - 1 packet to udp(32768)
  From 149.174.54.133 - 3 packets to udp(32768)
  From 155.230.106.58 - 3 packets to tcp(5901)
  From 192.168.10.97 - 8391 packets to udp(8225)
  From 192.168.10.151 - 7160 packets to udp(8225)
  From 192.168.10.157 - 7896 packets to udp(8225)
  From 193.254.184.77 - 4 packets to tcp(10000)
  From 202.106.102.195 - 1 packet to udp(1434)
  From 205.188.157.242 - 1 packet to udp(32768)
  From 205.188.157.243 - 1 packet to udp(32768)
  From 207.200.73.68 - 4 packets to udp(32768)
  From 207.200.73.69 - 1 packet to udp(32768)
  From 207.200.73.70 - 1 packet to udp(32768)
  From 210.202.93.112 - 1 packet to tcp(5900)
  From 210.211.225.126 - 1 packet to tcp(5900)
  From 218.75.223.84 - 1 packet to udp(1434)
  From 221.130.192.123 - 1 packet to udp(1026)

 ---------------------- iptables firewall End -------------------------
    Was I DDoS - ed? is this normal?

    Thank you in advance
     
    #1 Giorgi, Jun 8, 2007
  2. Giorgi

    Giorgi Member

    Joined:
    Mar 11, 2007
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    151
    Anything???
     
    #2 Giorgi, Jun 9, 2007
  3. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    There's no information there that suggests you were (3595 packets, the largest, isn't that high); but you could have been DDOSed in some way that isn't kept track of by that report.
     
    #3 brianoz, Jun 9, 2007
(You must log in or sign up to post here.)
Loading...
Similar Threads - DDoS (URGENT)
  1. 007basaran

    EA4 - Mod_evasive - Nginx Proxy - Layer 7 DDOS Attacks

    007basaran, Feb 28, 2017, in forum: Security
    Replies:
    19
    Views:
    795
    cPanelMichael
    Apr 7, 2017
  2. postcd

    How do you mitigate Apache DDoS on one domain index page?

    postcd, Oct 29, 2016, in forum: Security
    Replies:
    1
    Views:
    254
    cPanelMichael
    Oct 31, 2016
  3. Ahmed Hany

    Protect server from DDOS attacks

    Ahmed Hany, May 25, 2016, in forum: Security
    Replies:
    1
    Views:
    823
    cPanelMichael
    Jun 1, 2016
  4. iscwf2014

    Exim DDOS problem

    iscwf2014, Mar 15, 2016, in forum: Security
    Replies:
    1
    Views:
    632
    cPanelMichael
    Mar 16, 2016
  5. meeven

    Configure mod_request_timeout and mod_qos to mitigate slow HTTP ddos attacks

    meeven, Oct 12, 2015, in forum: Security
    Replies:
    3
    Views:
    932
    cPanelMichael
    Oct 14, 2015

Share This Page