Translate

3/11/2014

Category MALICIOUS IP: 177.55.96.212 (BRAZIL)
Listed at SPAMHAUS (CBL)
Linux, FreeBSD or some other form of UNIX

The IP Address 177.55.96.212 is listed in the CBL (Composite Blocking List). It appears to be infected with a spam sending trojan, proxy or some other form of botnet. It was last detected at 2014-03-04 14:00 GMT (+/- 30 minutes), approximately 6 days, 21 hours ago.

CBL has detected that this IP is infected with (or NATting for) a spambot that attempts to break into other systems using stolen or compromised credentials and sends VERY VERY large volumes of spam. The infected machine is probably Linux, FreeBSD or some other form of UNIX, but sometimes Windows machines are infected. CBL has zero tolerance for reinfections.

Of late some of these infections are facilitiated by a SSH Rootkit. See this link for more details.



In most cases, this IP address would be that of a shared hosting environment. If you are a customer of this environment, you will almost certainly not be able to do anything about it, only the administrators of the hosting environment itself can. Please contact your administrators, and refer them to this page.

If the administrators are reluctant to do anything please try to convince them, because there is nothing you can do to fix this problem.

One way of finding the user that is infected and spewing spam is to use the "lsof" (list open files) utility. "lsof" is available for most versions of UNIX-like systems such as Linux as part of the official distribution, but may not be installed by default. So first, make sure you have it installed. On many systems such as Ubuntu, you can install it by:

TO READ THE REST OF THIS ARTICLE, go to:

http://cbl.abuseat.org/lookup.cgi?ip=177.55.96.212

An example of a Malicious Domain hosted in this IP is for example:
http://jatrol.com.br/
To see the full Report of this Domain, click the .txt Icon:

Document hosting: UploadEdit.com

Keine Kommentare:

Kommentar veröffentlichen