Results 1 to 5 of 5
Thread: Âèðóñè â ìðåæàòà?
Hybrid View
-
20th March 2016 10:50 #1Registered User
Join Date: Nov:2014
Location: Ïåðíèê
Posts: 114
Âèðóñè â ìðåæàòà?
Çäðàâåéòå, ìîæå ëè äà ìè ïîìîãíåòå ñ òîâà:
your Server with the IP: (âúíøíîòî íè IP) has attacked one of our server on the service:
"postfix" on Time: Wed, 16 Mar 2016 16:14:11 +0100 The IP was automatically blocked for more than 10 minutes. To block an IP, it needs
3 failed Logins, one match for "invalid user" or a 5xx-Error-Code (eg. Blacklist)!
Please check the machine behind the IP and fix the problem.
Åòî è ëîã ôàéëà:
attacked server: relay.netpilot.net
envelopesender: DuncanShawn1754@kyokushin-kz.com
enveloperecpient: mw4273@mucweb.de
Helo: [âúíøíîòî íè IP]
source-ip: âúíøíîòî íè IP
protocol: ESMTP
instance: predata22.67e5.56e97843.2c196.0
size: 0
reason: 22 -->570 Blocked by http://www.clean-mx.de/public?ip=%s ip of sending client is helo_name sender=<%s> helo_name=<%s> client_name=<%s>:
Evidences so far in total for this ip:1
*******
hint: apperently this is a nat device and some machine(s) in your internal networks is/are compromised.
please allow only your central MTA to traverse your firewall and block and log all others to detect infected zombies on your network.
******
 ìðåæàòà èìà 2 ñúðâúðà è îêîëî 30 êîìïþòúðà, äî òóê ïðîâåðèõ è äâàòà ñúðâúðà, íà åäèíèÿ ïîëçâàì ESET NOD 32 è Malwarebytes, íà íåãî íÿìà íèùî ïîíå ñïîðåä òåçè äâà àíòèâèðóñè, íà âòîðèÿ ñå ïîëçâà System Center 2012 Endpoint Protection è malwarebytes ñàìî çà ñêàíèðàíå. Ïúðâèÿ àíòèâèðóñ êàêòî íîäà íà äðóãèÿ å real time, äîêàòî Malwarebytes ãî ïîçëâàì ñàìî çà ðú÷íî ñêàíèðàíå, Êàòî àíòèâèðóñíàòà íå õâàùà íèùî, äîêàòî Malwarebytes-a òóê õâàíà íÿêîëêî ñïîðåä íåÿ Malware-à â ðåãèñòðèòå (ForceClassisControlPanel), êîåòî îáà÷å ñïîðåä Google íå å âèðóñ. Ìîëÿ çà ñúäåéñòâèå, ÷å àêî ñå îêàæå ÷å å íÿêîé êîìïþòúð íàäîëó ïî ìðåæàòà ùå å ìíîãî òðóäîåìêî
Ùå ñúì ìíîãî áëàãîäàðåí íà íÿêîé ñúâåò, êîéòî ùå ìå óëåñíè, ïðèìåðíî íà Server 2003 ÎÑ èìà ëè ëîãîâå íÿêúäå íà PC-òàòà â ìðåæàòà, òà äà òúðñÿ òàêúâ â òîçè ÷àñ è äåí, êîéòî å íà log ôàéëà.
-
20th March 2016 11:57 #2Registered User
Join Date: Oct:2003
Location: Ñîôèÿ
Posts: 4,317
Êîìïþòúð îò ìðåæàòà å è äà, ùå å òðóäîåìêî. Îò äðóãà ñòðàíà, òàêà è òàêà ùå òðÿáâà äà îáèêîëèø âñè÷êè êîìïþòðè, ïîíå ùå ìîæåø äà èì èíñòàëèðàø àíòèâèðóñíà ïðîãðàìà. Èìà äîñòàòú÷íî íà áðîé áåçïëàòíè.
-
20th March 2016 16:41 #3Registered User
Join Date: Sep:2003
Location: Where you live
Posts: 976
ïðîñòî íÿêîé îòâúí ñå îïèòâà äà òè èçïðàòè ìåéë (âåðîÿòíî ñïàì). Òî ñè ïèøå, àìà êîé äà ÷åòå: "attacked server: relay.netpilot.net"
-
20th March 2016 17:46 #4Registered User
Join Date: Nov:2014
Location: Ïåðíèê
Posts: 114
Òîâà å ÷å äîêîëêîòî çíàì íàâñÿêúäå èíà ëèöåíçèðàí íîä, îñâåí äà å áèëî åäíîêðàòíî îò pc âúðçàëî ñå â ìðåæàòà ïðèìåðíî ïðåç wifi òî. Çàòîâà è ïîïèòàõ èìà ëè íÿêàêúâ âàðèàíò äà ðàçáåðà êîé, ïðèìåðíî íÿêàêâè ëîãîâå íà ñúðâúðà? ÎÑ å server 2003
-
31st March 2016 20:28 #5Registered User
Join Date: Nov:2014
Location: Ïåðíèê
Posts: 114
Ïóñêàì è report-a:
Reported-From: abuse@clean-mx.de
Category: info
Report-Type: harvesting
Service: postfix
Version: 0.1
User-Agent: V2.1.8(09.10.2013) anti-scam-bot clean-mx.de
Date: Tue, 01 Mar 2016 14:28:41 +0100
Source-Type: ip-address
Source: âúíøíîòî íè ip
Port: 25
Report-ID: 90754800@postfix.clean-mx.de
Schema-URL: http://support.clean-mx.de/schema/xarf.json
Attachment: text/plain
- - - Àâòîìàòè÷íî ñëåòè ìíåíèÿ - - -
Ðóòåðà å Sysco Linksys E4200, ìîëÿ çà ñúâåò êàê äà áëîêèðàì òîçè ïîðò (25), àêî èçîáùî òîâà èìà åôåêò, ïîíå äîêàòî ìèíà ïðåç âñè÷êè PC -òà çàä íåãî.




Reply With Quote
Íå âúçìîæíîñò äà èçêëþ÷à êîìïþòúðà
7th May 2023, 16:02 in Îáù ôîðóì çà PC õàðäóåð