[abuse at checkdomain.de: Abuse-Message [AbuseKey:QHVVF0XB1]: Attacks/Troubles Report for IP 217.149.246.3]

Artur Frysiak wiget at pld-linux.org
Tue Jan 11 13:00:07 CET 2011


2011/1/11 Andrzej 'The Undefined' Dopierała <undefine at aramin.net>:
> to juz chyba drugie zgloszenie dot tej maszyny. ktos sie wlamal? :)

Ja naliczyłem już 5 zgłoszeń.

> ----- Forwarded message from "Checkdomain.de - Abuse-Team" <abuse at checkdomain.de> -----
>
> X-Spam-Checker-Version: SpamAssassin 3.2.5 (2008-06-10) on
>        piastlan.piastlan.net
> X-Spam-Level:
> X-Spam-Status: No, hits=0.2 required=7.0 tests=SARE_SUB_OBFU_Q1 autolearn=no
>        version=3.2.5
> X-Spam-Report:
>        *  0.2 SARE_SUB_OBFU_Q1 FVGT - subject contains odd letter combination
> X-Original-To: undefine at aramin.net
> Delivered-To: undefine at aramin.net
> X-Virus-Scanned: by amavisd-new (PLD-Linux) at piastlan.net
> X-Original-To: feedback at lists.pld-linux.org
> Delivered-To: feedback at lists.pld-linux.org
> Delivered-To: feedback at pld-linux.org
> X-policyd-weight: NOT_IN_BL_NJABL=-1.5 NOT_IN_SPAMCOP=-1.5
>        NOT_IN_SBL_XBL_SPAMHAUS=-1.5 CL_IP_EQ_HELO_IP=-2 (check from:
>        .checkdomain. - helo: .host2a.checkdomain.)
>        FROM_MATCHES_HELO=-2 <client=85.10.200.87>
>        <helo=host2a.checkdomain.de> <from=abuse at checkdomain.de>,
>        rate: -8.5
> Date: Tue, 11 Jan 2011 04:57:24 +0100
> X-Authentication-Warning: host2a.checkdomain.de: www-data set sender to
>        abuse at checkdomain.de using -f
> To: feedback at pld-linux.org
> Subject: Abuse-Message [AbuseKey:QHVVF0XB1]: Attacks/Troubles Report for IP
>        217.149.246.3
> From: "Checkdomain.de - Abuse-Team" <abuse at checkdomain.de>
> X-Mailer: Checkdomain Express 0.14
> X-BeenThere: feedback at lists.pld-linux.org
> X-Mailman-Version: 2.1.9
> Precedence: list
> List-Id: "PLD: Feedback from users" <feedback.lists.pld-linux.org>
> List-Unsubscribe: <http://lists.pld-linux.org/mailman/listinfo/feedback>,
>        <mailto:feedback-request at lists.pld-linux.org?subject=unsubscribe>
> List-Archive: </mailman/pipermail/feedback>
> List-Post: <mailto:feedback at lists.pld-linux.org>
> List-Help: <mailto:feedback-request at lists.pld-linux.org?subject=help>
> List-Subscribe: <http://lists.pld-linux.org/mailman/listinfo/feedback>,
>        <mailto:feedback-request at lists.pld-linux.org?subject=subscribe>
> Errors-To: feedback-bounces at lists.pld-linux.org
>
> [english version below]
>
> Guten Tag feedback at pld-linux.org,
>
> von einem Rechner in Ihrem Netzwerk sind wiederholt Attacken/Störungen
> auf mindestens einen unser Server ausgegangen. Bitte tragen Sie dafür
> Sorge, dass Attacken/Störungen zukünftig unterbunden/abgestellt werden.
>
> Vorsorglich haben wir die verursachende IP-Nummer 217.149.246.3 bis
> zum:
>          Tue, 18 Jan 2011 03:40:59 +0100
> von der Kommunikation mit unseren Servern ausgeschlossen.
>
> Um mehr Details zu erfahren und/oder ein Rückmeldung an uns zu über-
> mitteln, steht Ihnen nachstehender Link zur Verfügung:
>     https://www.checkdomain.de/blacklist/?k=QHVVF0XB1
>
> Abuse-Team Checkdomain
>
> +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
>
> Dear feedback at pld-linux.org,
>
> a computer within your network repeatedly attacks at least one or
> more of our servers. Please ensure that attacks are prevented in future.
>
> Preemptively we blocked the respoonsible ip number 217.149.246.3 until:
>          Tue, 18 Jan 2011 03:40:59 +0100
> and excluded it from the communication with our servers.
>
> For more details and / or for providing feedback to us, you can use the
> following link:
>   https://www.checkdomain.de/blacklist/?k=QHVVF0XB1&l=en
>
> Abuse-Team Checkdomain
>
> ---------------------------------------------------------------------
> Checkdomain GmbH, Große Burgstraße 27/29, 23552 Lübeck, Germany
>
> tel +49 (0)451 70 99 70, fax +49 (0)451 70 99 727
> abuse at checkdomain.de, http://www.checkdomain.de
>
> ---------------------------------------------------------------------
> Geschäftsführer/CEO: Johannes Herold, Amtsgericht Lübeck, HRB 5100 HL
> ---------------------------------------------------------------------
>
> DETAILS ZU DEN ATTACKEN/STÖRUNGEN | DETAILS OF THE ATTACKS
> (letzten 60 Tage / max. 100 St.) | (last 60 days / max. 100 hits)
>
> ---------------------------------------------------------------------------------
> | IP-NUMBER: 217.149.246.3                                                      |
> | HOSTNAME : akcyza.pld-linux.org                                               |
> ---------------------------------------------------------------------------------
> | TIMESTAMP                  | ATTACKS             | TARGET-HOST                |
> ---------------------------------------------------------------------------------
> | 2011-01-11T04:44:56+01:00  | ssh: brute force    | host26.checkdomain.de      |
> | 2011-01-11T04:09:35+01:00  | ssh: brute force    | host31.checkdomain.de      |
> | 2011-01-11T03:40:59+01:00  | ssh: brute force    | host39.checkdomain.de      |
> ---------------------------------------------------------------------------------
>
> VORHERIGE SPERREN DER IP-NUMMER | BANNED HISTORY OF THIS IP-NUMBER
> ------------------------------------------------------------------
> 217.149.246.3: this ip-number was never banned before
>
>
> _______________________________________________
> feedback mailing list
> feedback at lists.pld-linux.org
> http://lists.pld-linux.org/mailman/listinfo/feedback
>
>
> ----- End forwarded message -----
>
> --
> Andrzej 'The Undefined' Dopierała
> Linux && Unix && Network administrator
> PLD Linux Developer      HomePage: http://andrzej.dopierala.name/
> JID: undefine at piastlan.net         e-mail: andrzej at dopierala.name
> _______________________________________________
> feedback mailing list
> feedback at lists.pld-linux.org
> http://lists.pld-linux.org/mailman/listinfo/feedback
>



-- 
Artur Frysiak


More information about the feedback mailing list