What's new
Net Hosting Talk

We are a community of individuals and businesses passionate about web hosting. Let's build, learn, and grow together.

how to stop server doing bruteforce xml-rpc?

hughes

hughes

New Arrival
Registered
Hello,

I just received abuse email from the data center that my server is doing xml-rpc bruteforce, I use this server for shared hosting.
please help to check which account is doing bruteforce and how to stop this bruteforce attack.

thanks
 
  • Advertisement
    • Try checking outbound connection using netstat
    Code: 
    # netstat -nputw

    looking for IP destination there, there is a PID too.

    can also use tcpdump when the attack is running, or check running suspicious programs.
     

    Similar threads

    J
    dedicated server location
    Replies
    3
    Views
    7K
    hosterbros
    H
    J
    managed or unmanaged dedicated server?
    Replies
    7
    Views
    4K
    hosterbros
    H
    S
    Websites on my server are not loading
    Replies
    5
    Views
    4K
    hosterbros
    H
    W
    The cPanel license server replied that the license has been activated on too many machines
    Replies
    1
    Views
    6K
    geniusmojo
    geniusmojo
    R
    How can i redirect my server ip login url to server hostname?
    Replies
    1
    Views
    2K
    alvarez
    A

    Advertisement

    Back
    Top