OVH Community, your new community space.

Wierd Activity from my server..


Winit
19-11-2008, 17:19
Ah, enough said

JALZOO
19-11-2008, 14:01
My box is windows not linux.

Winit
19-11-2008, 00:09
A Linux box isn't exactly insecure. The "hacker" must have exploited something in order to gain access in the first place.

JALZOO
18-11-2008, 17:43
Yeah i got "Semi hacked" Meaning the "Unknown person" Was able to do scans and exploit my server without being root.. Its my fault really i disabled my firewall.. So after a re-install and enabling firewall.. I havent had anymore e-mails about scans and mass e-mails.

slayer2005
18-11-2008, 17:27
sounds like u got hacked maybe?

snJohn
18-11-2008, 16:37
please update us with your story

JALZOO
18-11-2008, 15:39
Hi,

Woke up this morning to find my server dead and e-mails from OVH saying:

Dear Customer,

We have detected a port SCAN and/or intrusion attempts from your server
*****.kimsufi.com.

We are asking you to find the origin of these connections and to correct
at the earliest any security flaws that you can identify.

If these connections have been legitimately made on your server, we ask
you to customize the reverse server: http://help.ovh.co.uk/PersonalisedReverse

If you do not take any action, we will have no choice but to deactivate
your server.

AND


Dear Customer,

We have detected an abnormally high number of SMTP connections from your
server *****.kimsufi.com.
This can be due to massive sending of emails (type mailing-list)
or the exploitation of a security flaw allowing an intruder to send SPAM.

We are asking you to find the origin of these connections and to
correct at the earliest any security flaws that you are able to
identify.

If these connections have been legitimately made from your server, we
ask you to customize the reverse server:
http://help.ovh.co.uk/PersonalisedReverse

If you do not take any action, we will have no choice but to deactivate
your server.

I have not even setup any e-mail on my server that im aware of and i deffinatly dont scan any networks.. Wtf is going on!?

Update on this during re installing my server i got another e-mail saying "We have detected a port scan" :S

Rang OVH support and i have more of an understanding of the problem now.. Just going to try and sort it out thanks to OVH support