SECURITY ALERT | Server Outbound Connection Activity Detected (TCP 23 / 2323)
- 2026-06-17
- 21:30:00
Dear Users,
We recently observed abnormal outbound connection activities on certain servers, primarily involving TCP ports 23 / 2323 (Telnet-related services).
The issue has been resolved after system reinstallation in affected environments.
At this stage, the behavior appears to be related to unauthorized system-level activities or third-party components in some environments. A full root cause depends on individual server configurations.
⚠️ Important Notice:
If your server is running Nezha Monitoring (哪吒探针) or similar third-party monitoring tools, we recommend:
- Checking for latest official updates
- Reviewing system security configuration
- Reinstalling or hardening the system if any abnormal behavior is detected
Recommended Security Actions:
- Reinstall or update the operating system
- Check unknown processes and scheduled tasks (cron/systemd)
- Block or restrict outbound access to high-risk ports (23 / 2323)
- Ensure SSH credentials are secured and updated
We appreciate your understanding and cooperation.
