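They just sent me this email, so I hurried to log in and take a look. It had been blocked. So annoying, I hadn't done anything. It was deleted outright.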
Following the detection of malicious activity from your IP address, in accordance with clauses 2.3 and 2.4 of Appendix 1 to the Public Offer Agreement, your server will be stopped and blocked.
To avoid being blocked, please resolve the violations listed below within 24 hours.
Please review the incident:
Copy the log here or a link to the SBL
----
Kind regards,
Ruvds abuse team.
---- Forwarded message from root@pluto.tectus.net (root) ---
From: root@pluto.tectus.net (root)
To: support@ruvds.com
Subject: attacks from your network to my server
Date: 05.09.2020 19:59:05 (Europe/Moscow)
Dear support/abuse/whatever team/or to whom it may concern,
I've been running this server (tectus.net / 85.183.147.115) a while now and I've
always been tolerant to some script kiddies trying to breach into it using port
22 (ssh).
But after some time it began to annoy me and now I will report each of these
incidents to your distribution lists for further action.
Below is the jwhois output from the delinquent using the IP 45.143.94.92 at
2020-09-05 18:58:06 (GMT+1) from where I got your contact details:
--------------------------------------------------------------------------------
[Querying whois.arin.net]
[Redirected to whois.ripe.net]
[Querying whois.ripe.net]
[whois.ripe.net]
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '45.143.94.0 - 45.143.94.255'
% Abuse contact for '45.143.94.0 - 45.143.94.255' is 'support@ruvds.com'
inetnum: 45.143.94.0 - 45.143.94.255
netname: RU-RUVDS-20191211
country: RU
org: ORG-MFL16-RIPE
admin-c: RVS268-RIPE
tech-c: RVS268-RIPE
status: ASSIGNED PA
mnt-by: IP-RIPE
mnt-routes: MNT-RETN
mnt-domains: MNT-RETN
created: 2019-12-11T11:28:12Z
last-modified: 2019-12-11T11:28:32Z
source: RIPE
organisation: ORG-MFL16-RIPE
org-name: MT FINANCE LLC
org-type: OTHER
address: Glinischevskiy per., 3, kom. 226
address: 125009 Moscow
address: Russia
abuse-c: RVS268-RIPE
mnt-ref: IP-RIPE
mnt-by: IP-RIPE
created: 2018-10-16T15:38:35Z
last-modified: 2018-10-16T15:39:37Z
source: RIPE # Filtered
role: RU VDS Support
address: Glinischevskiy per., 3, kom. 226
address: 125009 Moscow
address: Russia
abuse-mailbox: support@ruvds.com
admin-c: YB1456-RIPE
tech-c: YB1456-RIPE
nic-hdl: RVS268-RIPE
mnt-by: IP-RIPE
created: 2018-10-16T15:38:36Z
last-modified: 2018-10-16T15:39:16Z
source: RIPE # Filtered
% Information related to '45.143.94.0/24AS9002'
route: 45.143.94.0/24
descr: RU-RUVDS
origin: AS9002
mnt-by: MNT-RETN
created: 2019-12-11T12:50:36Z
last-modified: 2019-12-11T12:50:36Z
source: RIPE
% This query was served by the RIPE Database Query Service version 1.97.2
(HEREFORD)
--------------------------------------------------------------------------------
The reason why I'm sending you this mail, is the following /var/log/secure log
entry of my server:
--------------------------------------------------------------------------------
Sep 5 18:58:06 pluto sshd[22231]: Failed password for root from 45.143.94.92 port
40726 ssh2
--------------------------------------------------------------------------------
So could you please give the above mentioned user of your network a warning, block
the ip traffic to my server, or do whatever else is needed to stop me sending you
these messages.
Thanks
root@tectus.net
---- End of forwarded message ---
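The triage behind a report like the one forwarded above, as an added example that is not part of the original post or of either e-mail: it pulls failed SSH password attempts out of `/var/log/secure`-style lines and reads the abuse mailbox from the RIPE whois comment line. The function names, the reporting threshold and all sample lines except the first log entry and the two whois lines are assumptions made for illustration.

```python
import re
from collections import Counter

# First line is the entry quoted in the report; the other three are constructed.
SAMPLE_LOG = """\
Sep 5 18:58:06 pluto sshd[22231]: Failed password for root from 45.143.94.92 port 40726 ssh2
Sep 5 18:58:09 pluto sshd[22231]: Failed password for root from 45.143.94.92 port 40728 ssh2
Sep 5 18:59:41 pluto sshd[22240]: Failed password for invalid user admin from 192.0.2.7 port 51122 ssh2
Sep 5 19:01:13 pluto sshd[22251]: Accepted publickey for alice from 198.51.100.4 port 50022 ssh2
"""

# Two lines taken from the RIPE whois output quoted in the report.
SAMPLE_WHOIS = """\
% Information related to '45.143.94.0 - 45.143.94.255'
% Abuse contact for '45.143.94.0 - 45.143.94.255' is 'support@ruvds.com'
"""

# The username is chosen by the remote client, so it is matched greedily and the
# pattern is anchored at end of line: the address captured is always the one
# sshd itself appended, never text embedded in the username.
FAILED_RE = re.compile(
    r"sshd\[\d+\]: Failed password for (?:invalid user )?(?P<user>.+) "
    r"from (?P<ip>\d{1,3}(?:\.\d{1,3}){3}) port \d+ ssh2\s*$"
)
ABUSE_RE = re.compile(r"^% Abuse contact for '.*' is '(?P<mail>[^']+)'", re.M)

def failed_logins(log_text):
    """Map each source IP to a Counter of the usernames it failed to log in as."""
    hits = {}
    for line in log_text.splitlines():
        m = FAILED_RE.search(line)
        if m:
            hits.setdefault(m["ip"], Counter())[m["user"]] += 1
    return hits

def offenders(log_text, threshold=2):
    """Source IPs with at least `threshold` failures (threshold is an assumption)."""
    return sorted(ip for ip, users in failed_logins(log_text).items()
                  if sum(users.values()) >= threshold)

def abuse_contact(whois_text):
    """Return the mailbox from RIPE's '% Abuse contact for ...' line, or None."""
    m = ABUSE_RE.search(whois_text)
    return m["mail"] if m else None

if __name__ == "__main__":
    for ip in offenders(SAMPLE_LOG):
        print(ip, dict(failed_logins(SAMPLE_LOG)[ip]), abuse_contact(SAMPLE_WHOIS))
```

A single failed password, which is all the forwarded report contains, stays below the default threshold of two used here; the same check run on the server named in the complaint is how its owner can confirm or rule out outbound SSH attempts.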