(HELP)I think someone ddos my server

August 15, 2018 2.8k views
Security

Hello, I been using my server droplet for http injector. I am getting always connection timed out. I pinged my server, and shows 8400 data of ping. So I am thinking might someone ddos my server with mega of packs of data , is it possible? What I can do now? Can I change it to prevent it? Please I need assistance immediately.

7 Answers

I have access to ssh normally . Tried apt get update commands, restart squid proxy nothing helped tho

Hey,

did you run top or htop to see the process activity on the box?

  • I don’t know anything about these two commands, I run them, says 6 users on top, 0 zombie. Don’t know what it means. . I cannot upload screenshots here tho :(

    • You should be looking mainly for high CPU activity in top/htop. For network activity you could be using something like iftop(for individual socket monitoring) or nload (for overall network activity).

That term can describe a bunch of things so you’d have to be more specific (ie links to the specific app).

  • Lol. I am from my smart phone, http injector is a Android application. So I assume you are not familiar with it.

Oh wow, you probably should wipe the VM and use something like openvpn instead. Or at least uninstall squid. That app is not a good idea at all imo.

  • How to wipe vm?

    • Edit: this will remove all the information from the VM so be sure to backup everything you may need in the future.

      I believe there is a rebuild option in the Control Panel with which you could load a fresh OS image onto the VM and the VM ip address should remain the same. That is if you’re using DigitalOcean, other providers may have reinstall or reload OS options.

      • Ok I have done rebuild. The matter now I need to setup squid proxy but I followed 4 different guides to do it before the rebuild and all of them almost was unsuccessful . I do not know , the guides was for Ubuntu 18.0 as my server. Can you help me more about setup it?

A VPN(Virtual Private Network) will mask your ip address and help you access some region-restricted content, it has a lot more features ofc. Squid kinda does the same but i don’t feel comfortable with it for some reason. Here’s more info about VPNs: https://www.howtogeek.com/133680/htg-explains-what-is-a-vpn/

Have another answer? Share your knowledge.