(Solved) Why is my CPU at 100%? A hard lesson learned on security.

[Pain_Twain]

Hey total noob here,

 

I run an Unraid server for 2 gaming VM's and sometimes a dedicated server for games. The last two days since setting up my dedicated server I have been maxing out CPU at 100%. I tried EVERYTHING, short of wiping all drives and reinstalling Unraid. The server was maxing out with no VM's or Docker containers active. I reboot and wait to see how long it takes to 100%, less than 2 minutes from fresh restart. I check the logs and I realize that my server was actively being attacked by random IP's on random ports. Some IP's led to Beijing and some may have gotten into my server. My password was probably the simplest password ever. Anyway I locked down my network, reset my Unraid password to something a toddler couldn't type and my logs show no external connection attempts. 

 

This post is half confession/warning to others. SECURITY! Make good passwords! I can't wait till next Unraid version and the forced strong passwords! Attached is hopefully none threatening screencap of my log during the "attack". 

 

TLDR; Noob wanted to host dedicated server, opened server through DMZ on router, constant login attempts from China. These login attempts 100%'d my CPU while idling. I don't know if they stole anything but lesson learned. Also the CCP couldn't figure out a simple 3 digit password LOL.

[trurl]

You should have a strong password, but even more important, you shouldn't put your server on the internet. Setup Wireguard (builtin) or use My Servers to access your server remotely.

 

https://wiki.unraid.net/Manual/Security

 

 

[Pain_Twain]

Thank you so so much! I am on it!  Nothing like a big  slice of humble pie for me tonight!