![]() ![]() We checked other FreePBX servers, there is none of these. There are a ton of these python processes that are taking up a lot of CPU. We just ran a TOP commant to see what’s taking up most of the CPU resources and this is what we are getting. Does any of these look suspicious or irregular? Thanks for all your inputs! ![]() Below are the currently running processes of our FreePBX instance. The server’s CPU is currently being loaded at up to 100% and we’re trying to figure out what process is causing this. ![]() We do not have that extension, nor do we have guest/unanimous calls enabled.Ĭan someone help us figure out what is going on here? It also looks like there is extension 100 involved. Why is it being originated from our server? It looks like the invites are somehow being sent from our server to scan different IPs for open SIP ports, is that right? From what I understand usually this process is in reverse, directed to our FreePBX server. Then they attached a piece of what they have been receiving from our server: ![]() “Caught scanning for web/mail exploits / compromised hosts”Ī T T E N T I O N ! T H I S I S A C O M P R O M I S E D H O S T ! Tepucom Abuse Dept: IP-OF-OUR-SERVER/32 (root IP: IP-OF-OUR-SERVER) (PTR: .) was added to the RBLDNS for the following reason: that our FreePBX server is sending our spam invites. The server is hosted by a cloud server provider and we have received a message from them that, they have received a message from Tepucom Abuse Dept. It looks like one of the test FreePBX servers that we are using has somehow been compromised. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |