what makes CPU overload ? - Page 2

zumaidi · #16 (**permalink**) 16-05-2005, 01:54 PM

it is located under public_html/forum/

This is the phpBB folder.
Btw, there is another fille - log.txt which contains the same thing.

I open it using notepad.

michaelfoo · #17 (**permalink**) 16-05-2005, 03:11 PM

Hi zumaidi,
It appears to be attacked by a bot that is trying to scan for servers that hosted phpBB forums. The log files were created by the bot itself.

Since the bot is scanning for other servers that hosted phpBB, it requires a lot of CPU resources. Now instead of having your visitors to use up the resources, the resources are being used by the bot. It other words, it can be said that your forum has been hacked.

If I have not mistaken, it is a bug with the versions before 2.0.11. If you have upgraded your phpBB forum to the latest version, you should be on the safe side.

Thanks.

jetzkr8 · #18 (**permalink**) 16-05-2005, 08:35 PM

Quote:

Originally Posted by Filuren

i think ddos attack would just bring the whole box down rather than seeing cpu overload.......

Not if you are on clustered network. I had my domain sharing with another domain being under DoS attack. Only http services were effected during the entire attack of about 5 days. Email and Control Panel services as well as others on separate physical boxes were not effected. Pretty tough going if you have all your services lumped into one box, and probably pay the price along the way.

leehanhe · #19 (**permalink**) 18-06-2005, 12:45 PM

Hello Zumaidi,

From the messages that you posted, the attacker have utilized the vulnerability in phpBB and uploaded some bad script to the server /tmp directory.

Those script normally is IRCbot or some spamming script. It will utilized the CPU resources when doing some job such as hosting an IRC server or spamming.

This kind of situation can be resolve by installing a firewall which blocking all unused network ports.

You should disable the custom avatar upload, gallery or any module that can upload files to the server. This can minimized the possibility for an attacker to upload malicious script to the server and execute it remotely.

If your site was hosting on a shared hosting environment, sometime antivirus will utilized the CPU when scanning large size email or the server being used by the spammer to spamming. (Sending to thousand of email address in the same time)

So, upgrade your forum time to time if there is any new release.
Do offen backup your MySQL database during non-peak time by using Cpanel.

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes	Rate This Thread
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode	Rate This Thread:

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
My website makes IE crash	kenspear	Websites Review and Suggestion	1	03-07-2006 12:21 PM
This guy makes USD 20k per month with adsense	phantomic	Revenue and Monetization	7	24-05-2006 02:16 PM

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)