1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

getting always This machine has been suspended for outgoing flood

Discussion in 'Web Hosting' started by madiwz, Jan 11, 2015.

0
  1. #1
    hello,
    i am with dedicated server,
    i am getting suspended by the host
    they telling the reason as "This machine has been suspended for outgoing flood"
    and my server automatically going to rescue mode boot and they are suspending my server upload_2015-1-12_12-4-7.gif
    i didnt do anything.
    when we have asked about the reason to the host why its happening. they give answers with "
    We do not have more information (The switch blocked the server automatically), Most likely it has been caused by an outgoing DDOS attack
    "
    can any body please tell where to find that outgoing flood
     
    madiwz, Jan 11, 2015 IP
  2. gigapros

    gigapros Active Member

    Messages:
    71
    Likes Received:
    9
    Best Answers:
    0
    Trophy Points:
    65
    #2
    These kind of abuse reports from datacenter are generally accompanies by detailed lo files. Was a log file attached to the initial notification email? If not, ask them for log files.

    For immediate damage control, block the outgoing port of your server (in software firewall) to prevent any further attacks from going out of your server. after that, scan your server for malwares.
     
    gigapros, Jan 11, 2015 IP
  3. madiwz

    madiwz Member

    Messages:
    5
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    36
    #3
    currently the server blocked from the host. they telling that need to re install and given me the backup details. they didnt giving the log files. and saying we don't have much information. i am with oneprovider :(
    changing the server completely to the new server will may fix the problem?
     
    madiwz, Jan 11, 2015 IP
  4. gigapros

    gigapros Active Member

    Messages:
    71
    Likes Received:
    9
    Best Answers:
    0
    Trophy Points:
    65
    #4
    now, that's bad. u r really in a sticky situation. sorry, couldn't help much then. :(
     
    gigapros, Jan 11, 2015 IP
  5. madiwz

    madiwz Member

    Messages:
    5
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    36
    #5
    they blocked. but changing the server to the new host may fix the problem? i didnt do anything. changing the server with fresh installs may fix the problem. ?
     
    madiwz, Jan 11, 2015 IP
  6. sarahk

    sarahk iTamer Staff

    Messages:
    28,641
    Likes Received:
    4,486
    Best Answers:
    123
    Trophy Points:
    665
    #6
    ask for your files for backup and analysis. You then need to compare the file sizes with the copies you already have on your system. Then go through those that are bigger looking for the injection. They're likely to be encrypted but they should stand out as being different from the rest of the code.

    If you don't have the skills to do this then you need to hire someone or your security problems will happen again.
     
    sarahk, Jan 11, 2015 IP
  7. gigapros

    gigapros Active Member

    Messages:
    71
    Likes Received:
    9
    Best Answers:
    0
    Trophy Points:
    65
    #7
    may be or may be not. if your sites have a malware hidden in them, it will come back when you restore your sites. If it's in a "outside" folder, then u will be safe.

    but chances are.....it will come back again because it may have already found a vulnerability in your scripts to creep through.
     
    gigapros, Jan 11, 2015 IP