Been away a week, what should i check
Guys.
I've been away for 10 days, is there anything obvious i should be looking at to confirm security hasn't been breached.
My mailbox has almost 1000 messages, so i can't possibly read every single one.
-
is there anything obvious i should be looking at to confirm security hasn't been breached
Hello, Is there anything in particular that leads you to believe your server was hacked? Thank you.0 -
Not really, but i have a daily routine of scanning through the CSF emails every morning. I decided that almost 1000 entries was far too many to scan though so i checked a few things that i thought should be obvious had there been a compromise. Mail queue ..... nothing queued. Cpanel Login logs. A quick scan via FTP of user folders. There were a few warnings about files changed which caught my eye, but these were due to an update of some sort. 0 -
Guys. I've been away for 10 days, is there anything obvious i should be looking at to confirm security hasn't been breached. My mailbox has almost 1000 messages, so i can't possibly read every single one.
The most obvious is, those emails. They are your eyes and ears when you're away from your desk. Check Rootkit emails, worth viewing. CXS emails, always. LFD emails, always. cPanel Service monitor emails, always. upcp emails are mostly boring but worth a look. Backup complete emails, boring as well but worth a look. Logwatch emails too. The second most obvious thing might be to trim down unneeded emails. I prefer to disable updates while I'm away and I don't need to see Brute Force emails, I disable those. As a few examples. No matter where I am I have 10 minutes a day to go thru server emails.0
Please sign in to leave a comment.
Comments
3 comments