Malware Related > Compromised Servers

Help with server



My server gets hit with requests for something along this line ""
and also .sys or .eoaxl in place of .vdtker

I have removed the files that were written on the server and I have even changed servers with a complete re-upload of all legitimate files.

My problem is that I'm getting hit with a few thousand "not found" requests for this crap every day.
I can find no way to trace the referrer, it's blank.

Is there a cure for this?


There's no way of stopping the requests, no. Though you can of course use a re-write to redirect the requests - but if there's a large volume, I wouldn't recommend it (strictly for bandwidth issues).

These requests are likely coming from either compromised machines, or automated monitors.


[0] Message Index

Go to full version