Forum Discussion

Nimbostratus

Nov 27, 2015

Suspicious traffic over GTM

Hi, We are seeing some suspicious traffic over GTM. We are seeing its listener IP address making multiple conmectiins to some IP addresses over the internet over port 22. This is generating...

Employee

Feb 08, 2016

a lakh = 1 hundred thousand.

I would suggest the box has probably been compromised. You should reinstall the OS and restore the config from a UCS, and open a support case to check there aren't unexpected files in the UCS. Make sure that your port lockdown settings are appropriate and do not allow connections to public facing self-ips (allow none), allowing tcp/4353 where appropriate for iQuery.

Help guide the future of your DevCentral Community!

What tools do you use to collaborate? (1min - anonymous)