Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

Was I DDoS-ed (URGENT)

Discussion in 'General Discussion' started by Giorgi, Jun 8, 2007.

  1. Giorgi

    Giorgi Member

    Joined:
    Mar 11, 2007
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    151
    Hello gr8 ppl...

    My server freezed for several hours, then I recieved this report:

    Code:
     --------------------- iptables firewall Begin ------------------------


 Logged 27149 packets on interface eth0
  From 61.9.191.55 - 1 packet to udp(33034)
  From 61.153.241.110 - 2 packets to udp(1434)
  From 61.178.178.43 - 1 packet to udp(1434)
  From 62.16.148.158 - 1 packet to tcp(2967)
  From 62.107.166.220 - 1 packet to tcp(2967)
  From 62.167.71.122 - 4 packets to tcp(5900)
  From 62.168.191.226 - 3595 packets to udp(5353) tcp(1049,1056,1068,1074,1112,1125,1146,1183,1200,1202,1211,1216,1217,1234,1237,1260,1286,1312,1318,1337,1340,1343,1347,1372,1373,1374,1385,1400,1408,1409,1411,1412,1441,1468,1479,1491,1493,1501,1502,1561,1572,1588,1618,1695,1700,1702,1718,1720,1723,1758,1767,1770,1771,1798,1799,1811,1873,1883,1887,1889,1914,1940,1943,1969,1970,2009,2024,2035,2065,2069,2079,2080,2081,2116,2121,2156,2182,2187,2193,2207,2208,2240,2278,2279,2297,2343,2344,2374,2462,2545,2573,2589,2604,2605,2728,2729,2738,2758,2783,2785,2805,2806,2810,2827,2840,2845,2857,2859,2890,2938,2954,2962,2980,2993,2997,3064,3099,3137,3195,3196,3246,3264,3268,3322,3323,3339,3380,3386,3472,3479,3514,3526,3565,3634,3705,3713,3715,3721,3726,3729,3731,3845,3936,3953,3955,3962,4231,4260,4262,4319,4322,4346,4356,4417,4421,4434,4462,4513,4604,4721,4760,4806,4808,4834,4849,4894,4972,5470,6338,6451,7296,9596,10008,10106,10119,10125,10200,10225,10238,10247,10302,10304,10371,10450,10460,10478,10493,10498,10510,10517,10518,10521,10522,10523,10554,10559,10587,10633,10678,10723,10734,10747,10766,10790,10794,10810,10860,10864,10868,10878,10886,10994,11061,11066,11109,11115,11134,11140,11263,11348,11373,11413,11419,11438,11476,11493,11588,11683,11697,11900,11910,11964,11988,12015,12016,12017,12130,12167,12268,12351,12352,12353,12354,12381,12511,12513,12517,12585,12600,12699,12716,12725,12727,12833,12865,12977,12983,13113,13180,13229,13243,13256,13267,13270,13486,13610,13640,13662,13686,13720,13787,13805,13806,13824,13894,13903,13932,13949,13956,14000,14163,14248,14436,14616,14666,14773,14776,14839,14875,14962,15000,15149,15194,15258,15325,15445,15472,15629,15702,15712,15990,16180,16267,16301,16813,16827,16847,16864,16903,17077,17105,17446,17447,17841,17992,18108,18109,18174,18450,18451,18460,18462,18463,18472,18529,18530,18531,18532,18585,18587,18610,18665,18670,18972,18993,19067,19105,19158,19255,19667,20467,20565,20567,21192,21392,21741,21769,22162,22257,22795,23061,23706,23869,23881,24032,24268,24899,25000,25171,25500,25608,25725,25822,25964,25965,26032,26714,26716,26717,27478,27665,27741,27891,27954,28012,28079,28080,28108,28313,28317,28419,28535,28602,28603,28645,28896,28926,28959,29079,29258,29576,29723,29787,30441,31330,33819,33820,33822,33824,33827,33828,33934,34273,34482,35760,36529,36995,36998,37156,39957,42687,43291,47234,49461,49568,49617,50117,50144,50156,50159,50356,50413,50414,50416,50441,50442,50457,50576,50582,50607,50630,50677,50706,50708,50835,50836,50837,50903,51857,52255,52422,52471,52493,52649,52765,53182,53760,54266,54546,54611,54771,55017,55018,55333,56404,57135,57219,57228,57421,57434,57491,57494,57496,57497,57526,57912,57941,58807,59347,59910,60518,61626,62067,62423,62458,62892,63059,63100,63263,63398,63557,63803,64114)
  From 62.183.18.98 - 1 packet to tcp(2967)
  From 62.215.37.86 - 2 packets to tcp(1433)
  From 62.234.141.16 - 1 packet to tcp(2967)
  From 62.241.74.157 - 2 packets to tcp(5900)
  From 64.12.51.146 - 1 packet to udp(32768)
  From 71.229.151.213 - 1 packet to udp(1026)
  From 74.160.70.224 - 2 packets to tcp(5900)
  From 75.111.89.191 - 2 packets to tcp(5900)
  From 81.105.27.202 - 1 packet to tcp(5900)
  From 84.147.210.181 - 4 packets to tcp(5900)
  From 85.114.252.43 - 1 packet to udp(27015)
  From 85.116.64.27 - 4 packets to tcp(1570,5168)
  From 85.117.34.181 - 30 packets to tcp(9000)
  From 88.210.198.9 - 2 packets to udp(27015)
  From 88.210.217.197 - 1 packet to udp(27015)
  From 122.128.227.97 - 1 packet to tcp(5900)
  From 125.46.36.102 - 12 packets to tcp(2268,2354,2497,2503,2525,3128,6588,6649)
  From 142.162.239.9 - 4 packets to tcp(5900)
  From 149.174.54.131 - 1 packet to udp(32768)
  From 149.174.54.132 - 1 packet to udp(32768)
  From 149.174.54.133 - 3 packets to udp(32768)
  From 155.230.106.58 - 3 packets to tcp(5901)
  From 192.168.10.97 - 8391 packets to udp(8225)
  From 192.168.10.151 - 7160 packets to udp(8225)
  From 192.168.10.157 - 7896 packets to udp(8225)
  From 193.254.184.77 - 4 packets to tcp(10000)
  From 202.106.102.195 - 1 packet to udp(1434)
  From 205.188.157.242 - 1 packet to udp(32768)
  From 205.188.157.243 - 1 packet to udp(32768)
  From 207.200.73.68 - 4 packets to udp(32768)
  From 207.200.73.69 - 1 packet to udp(32768)
  From 207.200.73.70 - 1 packet to udp(32768)
  From 210.202.93.112 - 1 packet to tcp(5900)
  From 210.211.225.126 - 1 packet to tcp(5900)
  From 218.75.223.84 - 1 packet to udp(1434)
  From 221.130.192.123 - 1 packet to udp(1026)

 ---------------------- iptables firewall End -------------------------
    Was I DDoS - ed? is this normal?

    Thank you in advance
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #1 Giorgi, Jun 8, 2007
  2. Giorgi

    Giorgi Member

    Joined:
    Mar 11, 2007
    Messages:
    23
    Likes Received:
    0
    Trophy Points:
    151
    Anything???
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #2 Giorgi, Jun 9, 2007
  3. brianoz

    brianoz Well-Known Member

    Joined:
    Mar 13, 2004
    Messages:
    1,146
    Likes Received:
    6
    Trophy Points:
    168
    Location:
    Melbourne, Australia
    cPanel Access Level:
    Root Administrator
    There's no information there that suggests you were (3595 packets, the largest, isn't that high); but you could have been DDOSed in some way that isn't kept track of by that report.
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
    #3 brianoz, Jun 9, 2007
(You must log in or sign up to post here.)
Loading...
Similar Threads - DDoS (URGENT)
  1. daemoncesar

    DDoS apache flood

    daemoncesar, Feb 1, 2018, in forum: Security
    Replies:
    3
    Views:
    703
    cPanelMichael
    Feb 2, 2018
  2. Mehrdad Tari

    Solutions for handling ddos attacks?

    Mehrdad Tari, Jul 9, 2017, in forum: Security
    Replies:
    3
    Views:
    1,539
    postcd
    Aug 19, 2017
  3. 007basaran

    EA4 - Mod_evasive - Nginx Proxy - Layer 7 DDOS Attacks

    007basaran, Feb 28, 2017, in forum: Security
    Replies:
    19
    Views:
    2,411
    cPanelMichael
    Apr 7, 2017
  4. postcd

    How do you mitigate Apache DDoS on one domain index page?

    postcd, Oct 29, 2016, in forum: Security
    Replies:
    1
    Views:
    950
    cPanelMichael
    Oct 31, 2016

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...
    Dismiss Notice