SNMP reflection using installed snmpd
We're new to cPanel, so have to ask what you might consider a basic question - first some background - we're working on our FIRST cPanel server - default installation from a VPS vendor to learn the setup, how easyApache works etc. I have maybe 5 domains on the server.
Today I get an "abuse complaint" saying that the SNMP on this particular server is being used for SNMP reflection dDoS attacks on another server.
Oh noes.. not good - first question...
1. is snmpd used in cPanel to monitor services by default - ie, does native cPanel install *AND* use snmpd?
2. Next logical question - if it is used, why isn't it better configured?
3. How should we configure it better for local use only - or - use between cpanel servers, but not the outside world.
At the moment I just disabled snmpd - I don't want this VPS causing havoc, but I don't want to disable something that cPanel relies on for everyday usage.
cheers
WYB.
-
Hello :) cPanel does not utilize this package to monitor services. You can disable it if you prefer, as cPanel does not rely on it's use. Did the abuse complaint contain specific details about the attack? Did you enable it as a PHP module? Thank you. 0
Please sign in to leave a comment.
Comments
1 comment