UDP Flood Attack

Post Reply
Varnish
Posts: 2
Joined: Thu Jun 02, 2022 6:19 pm

Hello everyone,

I'm afraid there are vulnerabilities in myVesta.

This morning I receive a communication from my provider who tells me that my cloud instance has been suspended.
By going to check their report, UDP Flood attacks on some IP addresses, apparently Russian, are evoked.
I state that the server in question is used only and exclusively by me, no SSH/FTP access is provided to others and that PHP does not allow the execution of shell/exec. Also, no servers like exim or dovecot are installed, only php-fpm, and other basic services like mysql/mariadb. The firewall service works regularly, as well as fail2ban and ssh access is allowed only by key.
The panel, although present with a different door from the original one, is exposed to the outside as well as the bees. Is there a flaw in one of these resources?

I await your feedback on this.
Thank you for your attention.

A greeting,
Varnish.
Post Reply