0

I have a m3.medium instance on Amazon EC2. Things are under development and my usual bandwidth usage is no more than 200 to 300 MB per day. I just noticed a spike in my EC2 bill and found out that I used 350+ GB bandwidth in just 10 hours yesterday. Is that even possible? Its cost is almost $40. What should I do?

Thanks

Sohail Ahmed
  • 231
  • 2
  • 10

1 Answers1

2

  1. it's likely that your server has been compromised, so do your due diligence to check this out.

  2. start a packet capture so you can determine the nature of the traffic.

  3. If you determine that the server was compromised, you may be able to work with AWS support to get the charges reversed.

EEAA
  • 109,363
  • 18
  • 175
  • 245
  • Do you think 350 GB could be consumed in 10 hours? There is no disk usage or IO, just processor and network-out bandwidth. I have set CloudWatch alarms to get notified whenever there is more than 10% CPU usage or 5 MB network-out bandwidth. So far, no alert. – Sohail Ahmed Aug 06 '14 at 15:12
  • 1
    If amazon says that you used that much transfer, it's highly likely that you did so. – EEAA Aug 06 '14 at 15:19
  • Oh! I will see if I can find something about my server if it is compromised. Would you suggest some tools or ways? I have checked Apache logs but I could not find anything useful. Is there a way to see what happened during that time? – Sohail Ahmed Aug 07 '14 at 03:29