Multiple reboots by CRON. Possible server compromise?
Hi all,
I just ordered an unmanaged VPS (OpenVZ-based) last week. There's nothing much on the server, just sshd, proftp and apache stuff running for testing. Everything was fine until this morning. I realized that the server had rebooted like five times in a row. I do notice there are some SSH dictionary attacks from time to time, but I employ hosts.deny, disable root login and use other safety measures, so basically those attempts don't succeed. I don't run any cron jobs either, just some logrotate and logwatch entries in the hourly/daily/weekly/monthly cron job dirs.
reboot system boot 2.6.18-128.2.1.e Fri May 21 07:51 - 09:02 (01:11)
reboot system boot 2.6.18-128.2.1.e Fri May 21 07:32 - 07:51 (00:18)
reboot system boot 2.6.18-128.2.1.e Fri May 21 03:56 - 07:15 (03:18)
reboot system boot 2.6.18-128.2.1.e Fri May 21 03:38 - 03:55 (00:16)
reboot system boot 2.6.18-128.2.1.e Fri May 21 01:26 - 03:55 (02:29)
May 21 03:39:28 myvps /usr/sbin/cron[28546]: (CRON) INFO (pidfile fd = 3)
May 21 03:39:28 myvps /usr/sbin/cron[28554]: (CRON) STARTUP (fork ok)
May 21 03:39:30 myvps /usr/sbin/cron[28554]: (CRON) INFO (Running @reboot jobs)
May 21 04:54:59 myvps /usr/sbin/cron[1524]: (CRON) INFO (pidfile fd = 3)
May 21 04:54:59 myvps /usr/sbin/cron[1529]: (CRON) STARTUP (fork ok)
May 21 04:54:59 myvps /usr/sbin/cron[1529]: (CRON) INFO (Running @reboot jobs)
Nothing looks suspicious in the log files, even though a single reboot would take hours, e.g. 03:56 - 07:15 (03:18). I just couldn't figure out what's wrong. Is my box having a problem?
P.S.: My VPS is back online now, after the recent reboot. I have shut down some services for the moment, except sshd, which is listening.
Last edited by janhouse00; 05-21-2010 at 12:44 AM.