After discussing an issue I was having with files disappear from my web server I have decided that the system was, as it's called, owned?
I ran iftop on my server and noticed a LOT of traffic to what should be a very low volume web site. In the range of 30 mb in less than 10 minutes. While that may not seem like much, it is for my little sever. I reinstalled the server from 12.04 LTS server cd and re-ran iftop. Traffic was about 30 mb over an 8 hour period. On the recommendation of the others here, I ran iftop on both my local systems as well and I see a lot of traffic on those when there should be NONE.
I configured ufw on both the block everything but ssh and to only allow that from the other computer, but is there any way to find out if/what has been done and to undo it?
I am not proficient with with Linux hacking to even know where to begin looking so any help or finger pointing in the right direction would be great. Thanks in advance.
Adv Reply
Originally Posted by rebeltaz
Bookmarks