On Thu, Jul 7, 2011 at 5:49 PM, M.S.Eesh <[email protected]> wrote:
> Hi, > > I have CentOS 5.0 server. It acts as router. Its serving for web > application,SSH and VSFTP purposes. I have restricted iptables by > mentioning > IP from where these services to be accessible. Sometimes this server is not > responding. Whenever I have this issue, its started to respond again after > restart the server. After restart the server, I have checked firewall rules > using "iptables -L". Here I can see unwanted entries which I didnt include > in iptables rules. How many people have access/rights to the it? Did you check with them. Could you run a rootkit / trojan scanner on it? Do you have good deny all rules on it ? The best way is to allow only few ports and deny everything else. When the service goes funky, you should immediately check syslog and auth logs. Server not responding could very well be a DOS attack / Over flooding requests. > I am afraid that server has hacked by someone. > > Ok, this disrespects lot of real hackers. http://en.wikipedia.org/wiki/Hacking_(innovation) -- krish _______________________________________________ ILUGC Mailing List: http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
