Questions tagged [abuse]
47 questions
2
votes
1 answer
How to automatically get abuse email address based on IP address
Unfortunately I've been the target of a DDoS attack. The attackers are abusing DNS services of others. I'd like to email the owners of these DNS services, but I don't want to manually run 500+ whois lookups. Is there a way / script to automate this…
XTF
- 165
- 1
- 8
2
votes
3 answers
Limiting CPU/IO usage for linux services
I've seen EXIM crash a system when it gets loaded by 10000s of e-mails from a user/script. I was wondering if there was a way to limit it's usage on a system and protect the system or service from abuse.
Tiffany Walker
- 6,541
- 13
- 53
- 77
2
votes
1 answer
How do I know if an abuse report about unsolicited is actually about my server?
I received an Abuse-Message from the operators of dnsbl.de. To me it sounds like it has nothing to do with me, but since it is too serious I don't want to do "guess work" and check whether it really is.
What I got
Here is an excerpt of the mail…
yankee
- 177
- 2
- 6
1
vote
2 answers
Another domain is pointing to my server, and Google is indexing that one rather than mine
So I own www.example.com.
I have an A record pointing to my IP, and also have a CNAME for www.
Clearly my IP is shared, because if I access it, I get taken to www.domain.com
Anyway, last week, I googled for www.example.com, and it's been indexed…
chongus
- 11
- 2
1
vote
1 answer
Why is kjournald showing up 700 times in `netstat`?
AFAIK, kjournald is not a network program, but a program that deals with the journal of EXT3 (I am running EXT4 on Ubuntu 16.04). Still, when running sudo netstap -tapn it shows up almost 700 times, connecting to an IP belonging to some company in…
oligofren
- 601
- 2
- 8
- 21
1
vote
2 answers
reporting abuse of phishing site (email not monitored)
The following server is phishing our university site:
http://webmailadm-unipi-it-src-login-php.mywap.lt/main.php?z=1
Looking into WHOIS database I find a contact email (which coincides with registrar email). I send an email and the response…
Emanuele Paolini
- 161
- 5
1
vote
1 answer
Does somebody know a lot of linux debian and abuse warnings?
I received the last week a lot of e-mails from the company where I have a server.. Can somebody please help me to fix this 'abuse'? Using Linux Debian 8
We have detected abuse from the IP address XX.XX.XXX.XX, which according to a whois lookup is on…
Ask_Overflow
- 15
- 4
1
vote
1 answer
Do I have to have the IP address of a server to initiate a DMCA takedown if the server is behind a service like Cloudflare?
We have some content that is, well, "contested". The site that is misusing our content is being hosted by Cloudflare. I'm concerned that I will need to know the IP address of the server hosting the content in order to issue a DMCA takedown. Does the…
MostlyCarbonite
- 29
- 2
1
vote
2 answers
Which domain should have 'abuse' or 'postmaster' or "fbl" email accounts?
Consider that I am providing SMTP services for several clients and the sender / SMTP domain is mails.mysmtp.com. When client A is using my email infrastructure, he may use from address (from header) as 'info@client1domain.com', same way client B may…
mark
- 11
- 1
1
vote
1 answer
Debian 7.2 (wheezy) - Block domain
0 down vote favorite
A few days ago I figured out that someone was trying to get access to my mailserver, obviously to send spam emails through.
After some research I found out that the sender uses a domain, refering to my server. Like you bind your…
Thyrador
- 13
- 2
1
vote
2 answers
spamming domain registrar with multiple host records, same IP
Yesterday, I noticed that a client (who has just enough knowledge of networking to be dangerous) had messed up one of his nameserver records. We'd recently relocated to a different colocation provider, and ns2.his-domain.com was pointing back to…
Matt Hucke
- 113
- 5
1
vote
1 answer
How can I block all traffic to PlayStation network?
Guys I have multiple servers with OpenVPN installed on them and they are all getting suspended left and right due to abuse reports from PlayStation network . Now , I'm assuming that my VPN clients are trying to crack PlayStation accounts , right ?…
master lfc6
- 27
- 1
- 6
0
votes
1 answer
Server Abuse/Proxy Abuse -- Automated Tunneling (Unique IP's = Hundreds, Thousands of Requests)
I run a simple Proxy/General-Use website me and a few friends use at kerenua.xyz, however, starting 3~ weeks ago, an enormous amount of traffic started flooding in from hundreds of (unique) IP addresses.
At peak 'usage' this traffic amounted to 200…
Riley Wells
- 9
- 2
0
votes
2 answers
Detecting proxy server connections
We are having issues with users using proxy servers and causing trouble on our website. Is there an updated SQL list of proxy servers, indexed by IP, available anywhere so that we can query it and prevent access to those using proxy servers?
Yak
0
votes
1 answer
My Python webserver is being bombarded with malicious PHP requests. Should I do something?
My Python server (running Flask, uWSGI & NGinx) is currently receiving a ton of GET requests for what I assume are PHP hacks and exploits. Here's a few I've pulled from my logs:
"GET /dbadmin/index.php HTTP/1.1" 404
"GET /web/phpMyAdmin/index.php…
Stephen Malone
- 123
- 1
- 6