My Droplet sending Brute Force attact?
Dear guys,
I have a droplet which I use as an email server.
Applications that I installed there are:
1. iRedmail,
2. Phplist,
3. MySql,
4. Apache httpd
I had been using it for 3 months already, and suddenly I got a ticket from digitalocean support which shows that my droplet has been performing brute force attack against another server's SSH ...
My questions:
1. How can I find out that my server does this things?
2. How can I clean my server that might already invested by a BOTNET?
Thanks in advance,
Bromo
Log In to Comment