DigitalOcean

Report this

What is the reason for this report?
Question

Server down because of portflood attack by the server

Posted on August 5, 2016
Security
Ruby on Rails
psaravanan11

By psaravanan11

Hi Guys,

Kindly help me on these,

I received below messages from the server people,

"your Server/Customer with the IP: x.x.x.x (x.x.x.x) has attacked one of our servers/partners. The attackers used the method/service: portflood on: Thu, 04 Aug 2016 13:59:17 +0200. The time listed is from the server-time of the Blocklist-user who submitted the report. The attack was reported to the Blocklist.de-System on: Thu, 04 Aug 2016 13:59:37 +0200

The IP has been automatically blocked for a period of time. For an IP to be blocked, it needs to have made several failed logins (ssh, imap…), tried to log in for an “invalid user”, or have triggered several 5xx-Error-Codes (eg. Blacklist on email…), all during a short period of time. The Server-Owner configures the number of failed attempts, and the time period they have to occur in, in order to trigger a ban and report. Blocklist has no control over these settings.

Please check the machine behind the IP x.x.x.x (x.x.x.x) and fix the problem. To search for AS-Number/IPs that you control, to see if any others have been infected/blocked, please go to: https://www.blocklist.de/en/search.html?as=62567"

Thanks!



This textbox defaults to using Markdown to format your answer.

You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!

Sign In or Sign Up to Answer
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
0
Ryan Quinn
Ryan QuinnDigitalOcean Employee badge
August 9, 2016

Based on this information, chances are that your server is compromised. Without any further information the only course of action I can recommend is to take the server offline and investigate. You will most likely want to re-deploy from a clean backup.

This guide should help you with the next steps.

Become a contributor for community

Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.

Sign Up

DigitalOcean Documentation

Full documentation for every DigitalOcean product.

Learn more

Resources for startups and AI-native businesses

The Wave has everything you need to know about building a business, from raising funding to marketing your product.

Learn more

Get our newsletter

Stay up to date by signing up for DigitalOcean’s Infrastructure as a Newsletter.

New accounts only. By submitting your email you agree to our Privacy Policy

The developer cloud

Scale up as you grow — whether you're running one virtual machine or ten thousand.

Get started for free

Sign up and get $200 in credit for your first 60 days with DigitalOcean.*

*This promotional offer applies to new accounts only.

© 2026 DigitalOcean, LLC.Sitemap.