Sudden bandwidth spike

Forum Moderators: phranque

Message Too Old, No Replies

Sudden bandwidth spike

...doesn't show up in logs

Storyman

7:36 pm on Jan 25, 2005 (gmt 0)

One of my domains has a simple "Temporary" index page that is just a few bytes. I've got the bandwidth set pretty low since there isn't any activity.

When other sites are approaching their bandwidth limit an email is sent out to warn of pending doom, which makes what happened this morning that much stranger because it went from nearly 0 bandwidth to 15 megs in a relatively short burst of time.

Looking over the folders I noticed an old folder that had permission set to 777. It is now deleted, but was wondering if there is a way that someone could have used the site for nefarious activity because of the 777 setting.

Another interesting tidbit is that the log shows a spider looking for a series of non-existent folders that would most likely be associated with forums. There was close to a dozen different folders that were requested.

Anyone have an idea if the folder with 777 could have been used in a way that would skyrocket the bandwidth in a very short period of time?

netscan

11:59 pm on Jan 25, 2005 (gmt 0)

I don't know about the usage of the folders, but if you had the folder set to 777 someone could have gained access there and possibly used it, or is still using it or will use it at a later date.

As for the logs, I too have noticed an increase is page request for forum type pages/directories, I think it might have something to do with the recent phpbb worm, perhaps it's poking around for more victims.