network flooded with requests
Hi all,
Recently I have been testing out Cpanel till one day, my network was flooded with request for something, causing a network outage. After identifying those IP, added firewall rules to drop request from such IP from my router as a temporary solution.
After investigating, i notice a very high network traffic in every hour for 5mins, a very specific time frame?
after checking netstats -apn
Found connection to some IP very suspicious which is suspended in SYN-SENT 413807/Smarvtd for very very long hours.
Two processes or files i find very suspicious "smarvtd" and "sshhdd"
What's going on?
-
Hello :) You can run a malware scanner on your system (e.g. CXS, Maldet) to see if anything is detected, but typically you should consult with a qualified system administrator or security specialist if you are concerned about a security-related issue with your system. Thank you. 0
Please sign in to leave a comment.
Comments
1 comment