Fórum československých telekomunikací
https://classic.ispforum.cz/
kolousekkk píše:mam tam toto a neni u toho ani bajtik napocitany, cili evidentne neco spatne nebo je to na tom portu ciste. Od poskytovatele mam ze jde neco na portu 8080
59 ;;; BLOCK SPAMMERS OR INFECTED USERS
chain=forward action=drop protocol=tcp src-address-list=spammer
dst-port=25
60 ;;; Detect and add-list SMTP virus or spammers
chain=forward action=add-src-to-address-list connection-limit=30,32
protocol=tcp address-list=spammer address-list-timeout=1d dst-port=25
limit=50,5:bit
To whom it may concern,
Pursuant to Sony Interactive Entertainment LLC ("SIE") corporate policy, the below IP addresses were blacklisted from using our services because SIE detected activity that is abusive to our network services. In our determination, the abusive activity was not related to velocity or volume (many users behind the same IP address, i.e. NAT), but matched the specific patterns of known abuse of our publicly available services. This abuse may be the result of a computer on your network that has been compromised and is participating in a botnet abuse of our services.
The following table of IP addresses, dates and times should help you correlate the origin of the abusive activity. The time stamps are approximate from our logs. The actual timing of the events depend on the signature matched. It is very likely to have occurred both before, during and following the times listed.
Approximate Time Range (UTC), IP Address, Reason2017-01-21 17:06 ~ 2017-01-21 17:36 (UTC), 185.86.99.251, Account Takeover Attempts
It is most likely the attack traffic is directed at one of the following endpoints:
account.sonyentertainmentnetwork.comauth.np.ac.playstation.netauth.api.sonyentertainmentnetwork.comauth.api.np.ac.playstation.net
These endpoints on our network are resolved by Geo DNS, so the IP addresses they resolve to will depend on the originating IP address.
The destination port will be TCP 443.
Please take the necessary measures to correct the malicious activity from the above-listed IP addresses as soon as possible to avoid any further disruptions. If we were to remove any of these IP addresses from the blacklist and subsequent abusive activity is detected, the IP address will be promptly blacklisted again.
We thank you for your prompt attention to this matter. If you require assistance or additional information please contact snei-noc-abuse@am.sony.com and include the IP address in question.
Thank you
pin píše:U sony určitě nejsi na blacklistu kvůli spamům. Jedině, že by někdo dělal neslušné návrhy jejich uklizečce. Tam to bude na 99% kvůli útokům na jejich IP (služby playstation a atd..).
Začni hledat jejich IP rozsahy a pak zapátrej v síti.
Z historie jsem našel i mail od nich. Je dobré, když mají kam napsat při problému...To whom it may concern,
Pursuant to Sony Interactive Entertainment LLC ("SIE") corporate policy, the below IP addresses were blacklisted from using our services because SIE detected activity that is abusive to our network services. In our determination, the abusive activity was not related to velocity or volume (many users behind the same IP address, i.e. NAT), but matched the specific patterns of known abuse of our publicly available services. This abuse may be the result of a computer on your network that has been compromised and is participating in a botnet abuse of our services.
The following table of IP addresses, dates and times should help you correlate the origin of the abusive activity. The time stamps are approximate from our logs. The actual timing of the events depend on the signature matched. It is very likely to have occurred both before, during and following the times listed.
Approximate Time Range (UTC), IP Address, Reason2017-01-21 17:06 ~ 2017-01-21 17:36 (UTC), 185.86.99.251, Account Takeover Attempts
It is most likely the attack traffic is directed at one of the following endpoints:
account.sonyentertainmentnetwork.comauth.np.ac.playstation.netauth.api.sonyentertainmentnetwork.comauth.api.np.ac.playstation.net
These endpoints on our network are resolved by Geo DNS, so the IP addresses they resolve to will depend on the originating IP address.
The destination port will be TCP 443.
Please take the necessary measures to correct the malicious activity from the above-listed IP addresses as soon as possible to avoid any further disruptions. If we were to remove any of these IP addresses from the blacklist and subsequent abusive activity is detected, the IP address will be promptly blacklisted again.
We thank you for your prompt attention to this matter. If you require assistance or additional information please contact snei-noc-abuse@am.sony.com and include the IP address in question.
Thank you
Petr.
