Home > 客服支持|备份服务 > linode vps被入侵当做垃圾邮件转发该如何处理?

linode vps被入侵当做垃圾邮件转发该如何处理?


We have received a report of spam originating from your Linode. We ask that you investigate this matter as soon as possible to determine why mailings originating from your Linode are being marked as spam. If you were not aware that activity of this nature was originating from your Linode, it is likely that your Linode has been compromised, and you’ll want to take appropriate action.

We take the integrity of our network very seriously, and we appreciate your cooperation in investigating this activity. Please keep us updated via this ticket as you look into the issue.

If you have any questions or concerns, please let us know!


帮网友代购了不少linode,很少听说过linode vps被入侵当做垃圾邮件转发服务器的。此VPS其实是我帮忙搭建的环境,当时搞的是webmin,当时跟网友说的是等他搬完家后,我再做个定期备份和基础安全,后来因为某些原因,把基础安全这个事儿给忘记了。看来网络基础安全还是必须要做的,因为互联网上,不停的有人在尝试服务器的root密码。



You may want to audit the following log files and writable directories:

– “/var/log/auth.log”: You may have fallen victim to a SSH brute force attack.
– “lastlog”: You can cross reference recent account logins with the brute force attempts in “/var/log/auth.log”.
– /tmp: This directory is often used by attackers to store their files in.
– Web server logs: You may have installed a vulnerable script or web application.
– “ps aux”: Check for foreign processes.

If you do find that your system has been compromised, I’d strongly suggest completely redeploying your Linode as it is often very difficult to determine the full scope of an attack. If downtime is a concern to you, the following guide will assist you with safely recovering your data and redeploying your Linode with minimal downtime:

– http://library.linode.com/troubleshooting/compromise-recovery

If you do not want to spin up a new Linode as advised in the above guide, you can simply deploy a new distribution and mount your old disk images within it to copy your data over. You will first need to free up some space to deploy the new distribution. You can do this by resizing your existing disk image:

– http://library.linode.com/linode-platform/manager/managing-disk-images#resize_a_disk_image

You can then deploy your new distribution and attach your old disk images to it:

– Select the “Deploy a Linux Distribution” link on your dashboard.
– Choose your desired distribution, fill in the the required values, and then click on “Deploy”.
– Return to the dashboard and select your new configuration profile.
– Attach your old disk image to the drive setup of your new deployment.
– Boot into your new deployment and mount your old disk image.
– Copy your data.

Once you have redeployed your Linode, I’d also recommend implementing some of the security measures advised in our “Security Basics” guide to minimize the risks of a security breach in the future:

– http://library.linode.com/using-linux/security-basics

I hope that you have found this information helpful. Please keep us updated on your progress and findings.


若非注明,本博客内容均为原创或翻译自Linode Library,教程默认Centos为linux发行版,转载请注明转自linode中文教程www.linode.im。linode中文教程QQ群:185393826,一起讨论linode及linux,linode中文教程、linode代购、linode合租、linode推介、linode返佣、linode优惠。日本VPS、美国VPS、海外独立服务器代购均在linode.im。

  1. No comments yet.
  1. No trackbacks yet.