Skip to main content

abuse report received, but do not know how to address

Comments

3 comments

  • cPRex Jurassic Moderator

    Hey there!  This wouldn't be related to any of the cPanel tools on the system, and I don't have any one-size-fits-all recommendations to track down the offending account.  tcpdump or iptables both sound like good options to me if you know the IP being targeted. 

    0
  • Daniel Biro

    Thanks @cPRex!

    Just for reference I received a good tip from my colocation-provider and I was able to find out who causes it.

    This is the command that helped me out (with extra filters of course):

    iptables -A OUTPUT -m state --state NEW -j LOG --log-uid

    If using csf, I first disable it, then run the command and then enable it and this way the logging starts...

    0
  • cPRex Jurassic Moderator

    Nice - thanks for sharing that!

    0

Please sign in to leave a comment.