Answer the question
In order to leave comments, you need to log in
Strange DDoS attack, what to do?
Hello, the situation is very strange. They are ddosing my server, I was watching netstat/htop, everything is fine in Htop and there are no extra processes in netstat, but the funny thing is that the terminal lags unrealistically and everything takes a very long time to download. As I understand it, the Internet channel is clogged with something? The hoster blocked my VPS by writing the following:
We are contacting you because, right now, your server is the target of an extremely large network attack. This attack has been detected and mitigated by our network to ensure the availability of your server.
Answer the question
In order to leave comments, you need to log in
Who cares, I’m writing the answer:
There was a very strange brute force, the most obvious one that could be on port 22, but at the same time it added a bunch of sessions and processes, and also added a lot of cron tasks, changing the ssh port helped a little, but then they got angry and started ddosing SYNs. I think while iptables to twist to solve it.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question