Administrace komentářů

Zdravim, uz nekolik dni je na mou linku vedeny DDOS utok, na apache chodi hromada takovychto requestu:
62.35.200.3 - - [14/Jan/2014:08:42:32 +0100] "POST / HTTP/1.1" 403 276 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
112.200.49.196 - - [14/Jan/2014:08:42:32 +0100] "POST / HTTP/1.1" 403 276 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
83.200.150.147 - - [14/Jan/2014:08:42:40 +0100] "POST / HTTP/1.1" 403 276 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"


To se diky spolupraci s poskytovatelem (UPC) podarilo vicemene odfiltrovat, ovsem na sendmail je vedeny utok, ktery me znepokojuje vice (predpokladam, ze jde o brute hadani hesla, nebo jen snaha o vycerpani pameti). Na mailserveru vidim hromadu takovychto procesu:
root 4817 0.0 0.3 7796 2948 ? S 09:06 0:00 sendmail: server 233.13.112.78.rev.sfr.net [78.112.13.233] cmd read
root 4819 0.0 0.3 7796 2912 ? S 09:06 0:00 sendmail: server 62-193-57-73.as16211.net [62.193.57.73] cmd read
root 4820 0.0 0.3 7796 2912 ? S 09:06 0:00 sendmail: server [194.250.70.41] cmd read
root 4821 0.0 0.3 7796 2916 ? S 09:06 0:00 sendmail: server 109.209-31-46.rdns.acropolistelecom.net [46.31.209.109] cmd read
root 4822 0.0 0.2 7352 2088 ? S 09:06 0:00 sendmail: startup with [147.30.142.123]
root 4823 0.0 0.2 7352 2120 ? S 09:06 0:00 sendmail: startup with ip-125-252-84-90.asianetcom.net
root 4824 0.0 0.3 7796 2900 ? S 09:06 0:00 sendmail: server [171.76.26.245] cmd read


Linka, ackoliv v neni vytizena mnozstvim prenasenych dat, je prakticky nepouzitelna, ikdyz je web i mailserver vypnuty. Nemate prosim nejake napady, co s tim?


Diky