用shadowsocks的大神看过来

xieshenglin

分享的shadowsocks帐号，用的linode和krypt服务器，目前都收到了机房的投诉。

投诉内容如下：

Dear Customer,
We received abuse complaint regarding to your server, suxowu8svp.suvm at 98.126.*.*.
Your server is attacking other networks. Please, stop this activities immediately.


COMPLAINT


To whom it may concern,

Pursuant to Sony Network Entertainment International LLC ("SNEI")
corporate policy, the below IP addresses were blacklisted from using our
services because SNEI detected activity that is abusive to our network services.
In our determination, the abusive activity was not related to velocity or
volume, but matched the specific patterns of known abuse of our publicly
available services. This abuse may be the result of a computer on your network
that has been compromised and is participating in a botnet abuse of our
services.

The following table of IP addresses, dates and times should help you correlate
the origin of the abusive activity. The time stamps are approximate from our
logs. The actual timing of the events depend on the signature matched. It is
very likely to have occurred both before, during and following the times
listed.

Approximate Time Range (UTC), IP Address, Reason
2016-06-16 20:16 ~ 2016-06-16 20:46 (UTC), 98.126.219.3, Account Takeover
Attempts

It is most likely the attack traffic is directed at one of the following
endpoints:

account.sonyentertainmentnetwork.com
auth.np.ac.playstation.net
auth.api.sonyentertainmentnetwork.com
auth.api.np.ac.playstation.net

These endpoints on our network are resolved by Geo DNS, so the IP addresses they
resolve to will depend on the originating IP address.

The destination port will be TCP 443.

Please take the necessary measures to correct the malicious activity from the
above-listed IP addresses as soon as possible to avoid any further disruptions.
If we were to remove any of these IP addresses from the blacklist and subsequent
abusive activity is detected, the IP address will be promptly blacklisted again.



We thank you for your prompt attention to this matter. If you require assistance
or additional information please contact snei-noc-abuse@am.sony.com and include
the IP address in question.

Thank you


--
Sincerely,
Kraiphob Tanaboriboon, Anti-Abuse & NOC analyst

Rate us at https://my.krypt.com/app/rate

xieshenglin

请问有没有防止的办法，或者如何找出是哪个端口号干的

doors

被人发滥用了吗？垃圾邮件？

斜阳晚暮

DDos攻击，被人爆了？

xy2938

英语盲也学人家卖ss，小学生厉害的不行
这个是索尼娱乐的投诉，应该是ps3/4
并不是那个索尼影业

xieshenglin

再来一个投诉，这个貌似是被投诉滥用发送垃圾邮件的，解决方案大致有了，打算封掉邮件端口。
但来自索尼的投诉怎不知道该怎么解决或者是预防。

Abuse report for email from: 98.126.*.*.
Email was received: Fri, 17 Jun 2016 17:38:35 -0500 (CDT).
IP Address 98.126.219.3 is now blacklisted.

Paste the following URL into your browser to acknowledge:
http://m.USGOabuse.net/_AbuseAck?nBvc3RtYXN0ZXJAY2hjbC5jb206MjAxNjA2MTcxNzM4MzUxMDEwOTg5MDAwMTM6OTguMTI2LjIxOS4zOl86Og--
OR
If the above URL presents problems, go to:
http://m.USGOabuse.net/_AbuseAck
where you will need to enter the following information:

Mailbox:
nBvc3RtYXN0ZXJAY2hjbC5jb20-
Message:
jIwMTYwNjE3MTczODM1MTAxMDk4OTAwMDEz
Source:
jk4LjEyNi4yMTkuMw--

We ask only that you acknowledge this report, even if the email
appears to be legitimate from your perspective. Repeated reports
regarding the same source that are unacknowledged will eventually
result in blacklisting. Thanks for your kind cooperation.

This report is in Abuse Reporting Format ("ARF", see RFC5965).
As specified by this IETF standard, the complete headers and
text are included in the message/rfc822 section of this email.

When available, the recipient addresses of our reports are
provided by the Abuse Contact DB at abusix.com. Abusix.com
does not maintain the content of the database. All information
which they pass out derives from the RIR databases and is
processed for ease of use. If you want to change or report
non-working abuse contacts, please contact the appropriate RIR.
If you have any further questions about this database, contact
abusix.com via email at info@abusix.com. Information about
the Abuse Contact Database can be found here:
https://abusix.com/contactdb.html
Abusix.com is neither responsible nor liable for the content
or accuracy of this message.

bitss

限制同一IP连接数，限制限制同一IP连接速度.

xieshenglin

斜阳晚暮 发表于 2016-6-24 12:01
DDos攻击，被人爆了？

不是DDos攻击

xieshenglin

xy2938 发表于 2016-6-24 12:03
英语盲也学人家卖ss，小学生厉害的不行
这个是索尼娱乐的投诉，应该是ps3/4
并不是那个索尼影业 ...

嗯，请问是否有解决方案呢，被投诉好几次了

嫂子抱紧我

当跳板搞爆破psn帐号 自己看ip封帐号 有多难