IDC说我 恶意扫描 发垃圾邮件 我汗

6326***

We've gotten an abuse complaint for an IP belonging to you, 199.30.52.203.

In order to make sure you receive this email without it being filtered by spam filters, we haven't copied / pasted the complaint, so if you'd like to view the full complaint, please log in to our ticket system at https://manage.ioflood.com where you can see the full complaint ticket.

It would seem that one of your IPs is port scanning other servers, which is usually used to look for hosts with weak passwords or insecure software for the purpose of hacking into them.

------------------------
(管理员: Thierry) 发表时间: 2012-07-08 18:39
In most cases, this is being done without the knowledge of the customer who is doing the scanning, and is a result of their own service being infected in a similar manner. As such, an OS reinstall (or reinstall of a customer's VPS if applicable) is usually necessary to completely clear out the issue, although in some cases the infection may only be affecting a non-root account, in which case it may be possible to clear this up without reinstalling your OS.

------------------------
(管理员: Thierry) 发表时间: 2012-07-08 18:39
This kind of port scanning activity is not allowed as per our ToS, so if you could look into the matter and get back to us, it would be greatly appreciated.


------------------------
(管理员: Thierry) 发表时间: 2012-07-08 18:39
(time zone of log is PDT, which is UTC-07:00, date is MMDD)
log entries are from Cisco netflow, time is flow start time
date.time srcIP srcPort dstIP dstPort proto #pkts
0707.10:56:46.924 199.30.52.203 4935 131.215.109.27 3389 6 1
0707.10:57:57.812 199.30.52.203 4935 134.4.107.172 3389 6 1
0707.10:58:01.909 199.30.52.203 4935 134.4.130.4 3389 6 1
0707.10:59:47.175 199.30.52.203 4935 131.215.254.31 3389 6 2
0707.11:01:17.191 199.30.52.203 4935 131.215.213.37 3389 6 1
0707.11:02:55.362 199.30.52.203 4935 134.4.127.242 3389 6 1
0707.11:03:01.423 199.30.52.203 4935 134.4.84.166 3389 6 1
0707.11:03:02.468 199.30.52.203 4935 134.4.219.162 3389 6 1

------------------------
(管理员: Thierry) 发表时间: 2012-07-08 18:40
0707.11:14:57.086 199.30.52.203 4935 131.215.169.7 3389 6 1
0707.11:21:28.159 199.30.52.203 4935 131.215.47.80 3389 6 1
0707.11:25:47.090 199.30.52.203 4935 134.4.93.6 3389 6 1
0707.11:27:14.990 199.30.52.203 4935 131.215.4.182 3389 6 1
0707.11:28:24.681 199.30.52.203 4935 131.215.35.202 3389 6 1
0707.11:34:59.921 199.30.52.203 4935 134.4.92.222 3389 6 1
0707.11:44:49.822 199.30.52.203 4935 131.215.6.3 3389 6 1
0707.12:13:25.730 199.30.52.203 4935 131.215.11.88 3389 6 1
0707.12:14:44.458 199.30.52.203 4935 131.215.105.153 3389 6 1
0707.12:17:23.876 199.30.52.203 4935 131.215.220.205 3389 6 1
0707.12:33:21.075 199.30.52.203 4935 134.4.169.180 3389 6 1
0707.12:33:38.996 199.30.52.203 4935 134.4.164.236 3389 6 1
------------------------
(管理员: Thierry) 发表时间: 2012-07-08 18:40

天外***

你自己的网站 干什么了 你自己清楚啊

6326***

天外*** 发表于 2012-7-9 08:09
你自己的网站 干什么了 你自己清楚啊

关键我自已不清楚啊······

天外***

6326*** 发表于 2012-7-9 22:48
关键我自已不清楚啊······

那没招儿了