Has my fedora 18 installation been hacked?
petasisg at yahoo.gr
Fri Mar 15 09:05:41 UTC 2013
I have a small server that I have recently upgraded to fedora 18. After
a while, I got notified by
the provider that their firewall catches thousands of requests, with the
following error message:
*Source IP*: ellogon-SKEL
*Source Port*: 35442
*Destination IP*: 184.108.40.206
*Destination Port*: 53
*Description*: Dropped UDP DNS request from dmz:ellogon-SKEL/35442 to
outside:220.127.116.11/53; packet length 1400 bytes exceeds configured
limit of 512 bytes
I have verified all packages (with rpm -Va), and didn't see anything
It is strange that the machine is trying to contact a server in USA,
Is there anything else to do, than re-installing the machine?
(Unfortunately, due to the huge load it creates to their firewall, they
remove the network cord from the server, so I have a few hours to debug
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the users