Dear colleagues, our IDS department has detected suspicious network patterns related to a VM owned by user_id burkhard-krome (tenant_id 77480c33ee364afc9a6379b83e8dadc0). We're seeing sustained packet rates of about 140k packets/s, with more than 3TB of data transferred since Friday. The pattern appears to be consistent with a DoS traffic. In the meanwhile, we have paused both VMs that the user was running here in Prague. What is the recommended form of notification to the user? What is the procedure for blocking their access to the nodes? What are the next steps that we should take? With kind regards, Jan
You can get more information about our cookies and privacy policies clicking on the following links: Privacy policy Cookies policy