Question
My Droplet sending Brute Force attact?
Dear guys,
I have a droplet which I use as an email server.
Applications that I installed there are:
1. iRedmail,
2. Phplist,
3. MySql,
4. Apache httpd
I had been using it for 3 months already, and suddenly I got a ticket from digitalocean support which shows that my droplet has been performing brute force attack against another server's SSH ...
My questions:
1. How can I find out that my server does this things?
2. How can I clean my server that might already invested by a BOTNET?
Thanks in advance,
Bromo
Add a comment
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×