Highest Voted 'abuse' Questions - Server Fault Stack Exchange

0

votes

0 answers

failed/unauthorized logins attempts via SMTP/IMAP

My server host sent me this message: 80 failed/unauthorized logins attempts via SMTP/IMAP We have detected abuse from the IP address xx.xxx.xx.xx, which according to a whois lookup is on your network. Jan 31 07:24:30 server postfix/smtpd[12371]:…

asked Feb 03 '16 at 10:39

khalid

101
1

0

votes

2 answers

Prevent abuse of sendmail for spam

In web servers that host many websites there is always the possibility of a hacked site being abused in order to send spam mails with some kind of php mailer bot. In my case sendmail is configured for mailing in the php.ini of each site, and I am…

sendmail spam abuse

asked Jul 10 '14 at 18:42

Cobra Kai Dojo

447
2
6
21

0

votes

3 answers

Online domain or link filter?

I plan to do a tinyurl like site. The problem is i dont want domains to hide behind me if they are up to no good. An example site is http://www.noob.com/. Firefox+google reports it as a attack site. If i can get an automatically updating blacklist…

asp.net blacklist abuse

asked Aug 26 '09 at 13:19

user274

0

votes

2 answers

Prevent hotlinking at DNS level

I used my own server to host an example file (an image) when I posted an answer to a question at StackOverflow. Now someone has copied the code I used, including the URL to the file on my server. The site they are using it on is relatively high…

domain-name-system hotlinking abuse

asked Dec 13 '12 at 17:32

Tatu Ulmanen

161
1
7

0

votes

3 answers

Help locate DNS blockage

It appears that there is something blocking a large number of consumers from getting to www.webs.com. This seems to be caused by a blockage of dns queries ending with webs.com. Can anyone duplicate this problem and determine where the blockage is…

domain-name-system abuse

asked Feb 20 '11 at 19:05

Zeki

113
4

0

votes

0 answers

How to prevent NetScan on a dedicated server?

we have a dedicated server from Hetzner, we are using it to provie nat vps to users, the problem we are facing is that users (which we don't know how to trace) is attempting netscan due to which our dedicated server is getting its ipv4 access to…

networking nat ipv4 abuse

asked Aug 01 '22 at 15:41

Blohsh

1

0

votes

0 answers

What is best practice for reporting vulnerability scans?

While reading our logs I came across several requests that seems to be scanning for vulnerabilities on our web app. 2021-09-25T17:32:44.164858+00:00 app[web.1]: 54.39.216.121 - - [25/Sep/2021:17:32:44 +0000] "GET…

whois vulnerabilities abuse

asked Sep 25 '21 at 18:18

dotnetCarpenter

133
1
5

0

votes

1 answer

Why my port 27015 is scanned by several ISP across the world?

I configured my server to block all ports except 22,80 and 443 with UFW. I then created a fail2ban rule to put in jail every IP that scan ports unsuccessfully more than 5 times and report it to AbuseIP. After some adjustments it's working well so…

port fail2ban ufw port-scanning abuse

asked Aug 24 '21 at 00:31

Climbatize

101
2

0

votes

1 answer

My Server is sending malicious SSH requests

I am facing weird issue on my server (Unix). There are couple vendors reported me that my server is sending malicious requests to their server by using SSH Protocol. I have already checked the system logs under /var/log but didn't get anything…

ssh unix unix-shell abuse malicious

asked May 19 '20 at 14:05

sumit vedi

11
1
1

0

votes

0 answers

Is my server sending malicious requests?

I'm running a VPS with Ubuntu 20.04. Yesterday I received notice from my VPS provider that they got an abuse report pointing to the ip of my server. After some back-and-forth they asked the reporter for some logs and sent them to…

ubuntu abuse requests malicious

asked May 13 '20 at 16:05

batu.one

1

0

votes

1 answer

SSH Brute Force Login Attempts - enable automated email to abuse-mailbox

Running some servers I noticed increased SSH Brute Force Login Attempts over the years. fail2ban is a great tool which massively slows them down and can email the abuse-mailbox/OrgAbuseEmail of the network admin's IP range by querying the RIPE…

ssh fail2ban brute-force-attacks abuse

asked Mar 05 '20 at 22:29

Rainer Rillke

123
5

-1

votes

1 answer

Hetzner netscan abuse

A few days back I have received the abuse notification from Hetzner datacenter. There seems to be a netscan going on my server. What I don't understand is that why the destinations are the local network IPs? What does that mean and how should I stop…

linux centos hetzner abuse

asked Jun 19 '18 at 14:02

Liverpool Alid

1
1
1

-1

votes

2 answers

How can I block a geo DNS host?

I am currently operating a free VPN service and lately I've been getting a lot of abuse emails from the Sony Playstation network saying that there is brute forcing coming from my server IPs against their users account API. Email Below: To whom it…

iptables abuse geodns

asked Apr 26 '17 at 06:03

samgreeneggsham

1
1
1

-1

votes

1 answer

How to prevent an openly recursive DNS server from being abused for DNS amplification

I have a business need to provide an open and recursive DNS. This DNS has of course been heavily abused by DNS amplification attacks, resulting in 5-10 Mbps sustained outbound load only caused by spoofed ANY requests. I thus had to find a solution…

domain-name-system iptables block spoofing abuse

asked Jan 03 '17 at 00:31

John

103
1
5

-1

votes

2 answers

How to handle an abuse complaint?

I have just received an abuse complaint from my hosting service: [2014-04-04 03:30:23 CET] [Timestamp:1396575024] [11717182.634230] Firewall: UDP_IN Blocked IN=eth0 OUT= SRC=My IP DST=128.204.203.251 LEN=70 TOS=0x00 PREC=0x00 TTL=118 ID=6181…

domain-name-system firewall udp abuse

asked Apr 05 '14 at 06:16

kleinohad

109
2

Questions tagged [abuse]