Find source of outgoing traffic - Glam Prestige Journal

My Ubuntu web server has been infected by a bot that is brute-force attacking Wordpress sites.

I can see the outgoing POST requests and their content, but I am not able to find the script, pid or user that are generating these requests. Of course my goal is to remove that malicious software.

Do you know any way to find where is that outgoing traffic being generated?

1 Answer

You can use nethogs, e.g.:

nethogs eth0

Should show you how much traffic is going from given process.

1 Answer

Your Answer

Sign up or log in

Post as a guest

Related Journals

How high up does a mob spawner have to be for it to NOT have reduced mob drops from any caves that may be below it

Where's Brother Vernan's hidden lair?

Plan B for spy (What spy revolver?)

Where to locate png for nether portal in assets