FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu User

 
 
LinkBack Thread Tools
 
Old 02-12-2009, 05:11 PM
"Walton Hoops"
 
Default Security Issue

I could use some help from the Ubuntu wizards out there.
I run a home server, using Ubuntu 8.10. It very low traffic, with most of
the traffic being e-mail. Last night, over the course of an hour it
recorded roughly 8 GB (4 up and 4 down) of traffic over the course of 2
hours (monitoring with vnstat) and then dropped back to normal. Looking at
the logs, the traffic did not come through apache, sendmail,or SSH. Judging
from the fact that the up/down are equal, I'm guessing I've was used as a
proxy for something (I don't have a proxy server installed), but I know not
what. So, I have two questions.
1.) Any suggestions on how to further investigate this? At this point I'm
at a loss.
2.) How would you suggest further hardening my security, since it seems it
was compromised? I use Firestarter to lock down my ports, Fail2Ban to stop
those pesky SSH brute force attacks, and Snort to keep an eye out for other
attacks.
Any input would be appreciated.
Walton


--
ubuntu-users mailing list
ubuntu-users@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
 

Thread Tools




All times are GMT. The time now is 05:46 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org