Linux automated SMB connection attempts: has my server been compromised
We have a Linux server running CentOS7. A few days ago we found out that it has started continuously attempting to connect to a Windows server share via port 445 using a certain user’s AD credentials. Every 2-3 seconds there is a SYN_SENT …