Is my server sending malicious requests?

Asked May 13 '20 at 16:05

Active May 14 '20 at 11:28

Viewed 55 times

I'm running a VPS with Ubuntu 20.04. Yesterday I received notice from my VPS provider that they got an abuse report pointing to the ip of my server. After some back-and-forth they asked the reporter for some logs and sent them to me: https://pastebin.com/FdZc5WH0

I checked all logs that could be remotely relevant, but there's nothing that has to do with these requests. I did a bunch of scans for malware/rootkits, but again nothing.

I'm actually starting to think it's a case of ip spoofing... is that a realistic scenario? Should my VPS provider be able to check if that's the case?

asked May 13 '20 at 16:05

batu.one

No, but he should be able to verify if they came from you. They do keep logs themselves, the "back-and-forth" is just for fun. – Gerard H. Pille May 13 '20 at 17:04
Thanks, I asked if they could verify from their side if these request indeed came from me. It’s under investigation. – batu.one May 15 '20 at 12:25

Is my server sending malicious requests?

0 Answers0