Solved

what is eating up my centos VPS bandwidth

Posted on 2013-06-24
4
748 Views
Last Modified: 2013-06-29
Hi experts
I have  a VPS that running CentOS 5.4 32 bit .. kloxo  control panel .. got only one site with very few traffic .
I was using that VPS for more than 2 years  with no problem
this month I got this message  from SolusVM Admin
 
"We are sending you this email because you have exceeded  more than 90% of your bandwidth allocation on the virtual server listed below:"


Based on kloxo my usage still very little ,, but SolusVM  has different say .

What I want :- a step by step solution to identify what could be eating my bandwidth and how to stop it .. ( I'm afraid my VPS could be hacked ... )
Many thanks
0
Comment
Question by:honestman31
  • 3
4 Comments
 
LVL 25

Expert Comment

by:Zephyr ICT
Comment Utility
Hi...

Do you have "iftop" installed, or can you install it on your VPS?

This will allow you to monitor what is eating your bandwidth

either as root, or a user with the necessary rights run:

iftop

Open in new window


Or with a filter:

iftop -f icmp

Open in new window


This way you get to see if some process or program is connecting somewhere that shouldn't.

Besides that, check all your logs for any irregularities ... Things that shouldn't be there.

- Check for failed logins in /var/log/messages
- Are there any new and unknown users created?
- When you use "top" are there any processes that you don't recognise?
- Check if any new programs were installed (rpm -Va).
0
 
LVL 10

Author Comment

by:honestman31
Comment Utility
Hi spravtek,
iftop  not installed ,,
tried yum install iftop  but did not work  ,, ( how to install it )

attached is what I see when use top ..
top.jpg
0
 
LVL 10

Accepted Solution

by:
honestman31 earned 0 total points
Comment Utility
just now i know the reason ,
my VPS got suspended and i got this message

"DNS Servers on your network are being used in DNS Amplification Attack's Worldwide."

So it is
DNS Amplification Attack's

Thanks for trying to help
0
 
LVL 10

Author Closing Comment

by:honestman31
Comment Utility
was a DNS Amplification Attack's
0

Featured Post

How to improve team productivity

Quip adds documents, spreadsheets, and tasklists to your Slack experience
- Elevate ideas to Quip docs
- Share Quip docs in Slack
- Get notified of changes to your docs
- Available on iOS/Android/Desktop/Web
- Online/Offline

Join & Write a Comment

Transparency shows that a company is the kind of business that it wants people to think it is.
Is your computer hacked? learn how to detect and delete malware in your PC
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

14 Experts available now in Live!

Get 1:1 Help Now