Results 1 to 6 of 6
  1. #1

    Am i hacked/hotlinked?

    Hi,
    I have a raq3 (4webspace) and run several sites on it.
    On an average day i use about 3-4 gigs BW.
    This morning i got this system email and it said that one of my sites:
    is very near or over the disk space limit allocated on the Cobalt server.
    Once the quota limit is reached, no more data can be stored. Consider moving
    some data to another location or increasing the limit.

    Quota Limit: 200.00 MB
    Quota Used: 347.15 MB
    Percent Used: 173 %

    I went to the admin area and noticed my BW has gone up to 8 gig's!
    "Quota Used: 347.15 MB" its impossible i have that much mb's in use for that site.
    And whats also fishy is that i didnt touch that site for a week and today i suddenly get that e-mail.
    Anybody know what i can do? I have to fix this quick cause 8 gigs would be a bit expensive at the end of the month.
    Thanks.

  2. #2
    Do you have anonymous ftp were people can drop and retrieve software. You may have become a wares drop box.

  3. #3
    Join Date
    Apr 2001
    Location
    FL, USA
    Posts
    949
    Check the actually usage for that site by running the du command for that directory, .eg.
    du -sh directoryname
    or to get a summary of each directory/file
    du -sh *

    Sometimes the cobalt panels do not correctly report disk usage.


    Check for anonymous ftp. pojo is correct in that when warez distributors discover anonymous ftp, your bandwidth and server can quickly become overloaded. Your servers IP and the list of files available circulate the internet very quickly via newsgroups. Look in all of your ftp site folders for a possible warez dump. Also, people use similar techniques to distribute movies and pornography.

    We save you time, money, and frustration by handling the server management tasks required to run an online business successfully.
    No prodding required. We just do it right the first time. Red Hat, MySQL, Plesk, and cPanel certified staff.

  4. #4
    i would bet that 147 mesg of storage is from stats, if your using 8 gigs it would create a lot of statistics data.

    Steve

  5. #5
    Thanks guy,
    Its not the stats, i use webalizer and those stats files arent even near those 147 mb's
    That du command, do i use that in Telnet?
    I have no clue how that stuff works.
    And no i dont have anomynous ftp.

  6. #6
    Join Date
    Apr 2001
    Location
    FL, USA
    Posts
    949
    du should be ran at the command line as root to get accurate results.

    scruntinize your web stats logs and refferrer logs. make sure images are not being called directly from another web site. also go to the site that is over limit and look for any large files.

    also, could this just be a burst in traffic -- did the site get some press or something??? we once had a site that tripled its daily hits in one day do to some press coverage.

    We save you time, money, and frustration by handling the server management tasks required to run an online business successfully.
    No prodding required. We just do it right the first time. Red Hat, MySQL, Plesk, and cPanel certified staff.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •