From: [email protected]
Subject: Abuse from your IP address - 67.160.52.165
Message:
Hello Networking/Systems Admin,
We have detected abuse from the IP address 67.160.52.165, which according to a whois lookup is on your network. We would appreciate if you would investigate and take action as appropriate.
** THIS IP ADDRESS IS NULL ROUTED on our entire network, including peering and transit, for a period of time not exceeding 24 hours from the date and time of this email.
Log lines are given below, but please ask if you require any further information.
(If you are not the correct person to contact about this please accept our apologies - your e-mail address was extracted from the whois record by an automated process. This mail was generated by Fail2Ban.)
Note: Local timezone is -0500 (EST)
/var/log/maillog:Mar 10 16:50:30 mail-av9.dca2.superb.net smtpd: 1331416230.016699 simscan:[25696]:CLEAN (0.20/10.00):0.6540s:Abuse - 67.160.52.165 connecting to port 22 on 46 hosts:66.148.95.125:[email protected]:[email protected]
/var/log/maillog:Mar 10 17:25:32 mail-av8.dca2.superb.net smtpd: 1331418332.227554 simscan:[14286]:CLEAN (0.20/10.00):1.6248s:Abuse - 67.160.52.165 connecting to port 22 on 168 hosts:66.148.95.125:[email protected]:[email protected]
/var/log/messages:Mar 10 16:50:28 sonar.superb.net nfsen[16688]: SCSD Compromised: external 67.160.52.165 Port 22 46 hosts.
/var/log/messages:Mar 10 16:50:28 sonar.superb.net nfsen[16688]: SCSD: Found 67.160.52.165 0 times in database within the last 12 hours
/var/log/messages:Mar 10 16:50:29 sonar.superb.net nfsen[16688]: SCSD: Sending email to : Abuse - 67.160.52.165 connecting to port 22 on 46 hosts
/var/log/messages:Mar 10 17:25:30 sonar.superb.net nfsen[17224]: SCSD Compromised: external 67.160.52.165 Port 22 168 hosts.
/var/log/messages:Mar 10 17:25:30 sonar.superb.net nfsen[17224]: SCSD: Found 67.160.52.165 1 times in database within the last 12 hours
/var/log/messages:Mar 10 17:25:30 sonar.superb.net nfsen[17224]: SCSD: Sending email to : Abuse - 67.160.52.165 connecting to port 22 on 168 hosts
We have detected abuse from the IP address 67.160.52.165, which according to a whois lookup is on your network. We would appreciate if you would investigate and take action as appropriate.根据一项明细调查,我们检测到在你的网络上有个IP地址67.160.52.165受到了滥用,** THIS IP ADDRESS IS NULL ROUTED on our entire network, including peering and transit, for a period of time not exceeding 24 hours from the date and time of this email.这个IP地址在我们的网络上是空的行径,包含了对等和转接,在这封邮件发出的时候已经运行了不超过24小时。 Log lines are given below, but please ask if you require any further information.计程线已经列在下面了,如果你需要任何进一步的信息,请来问我们。You may contact us at [email protected]你可以联系[email protected]
(If you are not the correct person to contact about this please accept our apologies - your e-mail address was extracted from the whois record by an automated process. This mail was generated by Fail2Ban.)(如果你不是接收邮件的正确人选,请接受我们的道歉---你的邮件地址是通过自动程序的明显记录追踪到的。这封邮件是由Fail2Ban发送的。)
发表于 2012-3-11 16:02:35
发表于 2012-3-11 16:17:17
楼主