OVH Community, your new community space.

Bruteforce Via > ks389866.kimsufi.com


BBR
24/01/2014, 20h42
- installer fail2ban avec un bantime long et un nombre de tentatives bas
- envoyer les logs à abuse@ovh.net
ici on ne peut rien faire d'autre, et tous les serveurs ont ce genre de choses, c'est banal malheureusement

Caramania
24/01/2014, 20h18
Ce serveur bruteforce mon réseau depuis quelques jours.

Login Failures 307

; <<>> DiG 9.3.4-P1 <<>> -x 176.31.102.72 +noshort
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34585
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 6, ADDITIONAL: 10

;; QUESTION SECTION:
;72.102.31.176.in-addr.arpa. IN PTR

;; ANSWER SECTION:
72.102.31.176.in-addr.arpa. 56276 IN PTR ks389866.kimsufi.com.

;; AUTHORITY SECTION:
176.in-addr.arpa. 68204 IN NS tinnie.arin.net.
176.in-addr.arpa. 68204 IN NS sns-pb.isc.org.
176.in-addr.arpa. 68204 IN NS ns3.nic.fr.
176.in-addr.arpa. 68204 IN NS sec3.apnic.net.
176.in-addr.arpa. 68204 IN NS sec1.apnic.net.
176.in-addr.arpa. 68204 IN NS pri.authdns.ripe.net.

;; ADDITIONAL SECTION:
ns3.nic.fr. 137727 IN A 192.134.0.49
ns3.nic.fr. 154187 IN AAAA 2001:660:3006:1::1:1
pri.authdns.ripe.net. 3520 IN A 193.0.9.5
pri.authdns.ripe.net. 19381 IN AAAA 2001:67c:e0::5
sec1.apnic.net. 172643 IN A 202.12.29.59
sec1.apnic.net. 43107 IN AAAA 2001:dc0:2001:a:4608::59
sec3.apnic.net. 3520 IN A 202.12.28.140
sec3.apnic.net. 29286 IN AAAA 2001:dc0:1:0:4777::140
sns-pb.isc.org. 6448 IN A 192.5.4.1
sns-pb.isc.org. 26827 IN AAAA 2001:500:2e::1

;; Query time: 529 msec
;; SERVER: 213.186.33.99#53(213.186.33.99)
;; WHEN: Fri Jan 24 13:06:41 2014
;; MSG SIZE rcvd: 454