SHARE
TWEET

Untitled

a guest Apr 22nd, 2019 64 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. Dear Jur Koerts,
  2.  
  3. This is an important notice regarding your 1&1 IONOS Server.
  4.  
  5. Your server was found to be part of a network of compromised machines leading a Denial-of-Service Attack (DoS-Attack) against other servers. Please find details on the malicious processes at the end of this e-mail.
  6.  
  7. In order to prevent further criminal activity from your server, we have suspended access pending your investigation and resolution.
  8.  
  9. Please follow the instructions below, according to the category of your server, to re-establish the access to your 1&1 IONOS Server.  
  10.  
  11. 1. Dedicated Root Server
  12. 2. Virtual Private Server
  13. 3. Dynamic Cloud Server
  14.  
  15.    1. Dedicated Root Server:
  16.       Log in via your Serial Console and take steps to secure your server.
  17.       Determine the source of the compromise and disable the software
  18.       that is controlling the attack.
  19.  
  20.       Once you have secured your server, get back to us stating the measures
  21.       you have taken and it will be our pleasure to restore network connectivity.
  22.  
  23.       You will find instructions on using your Serial Console on the 1&1 IONOS Help Centre:
  24.       - Linux Servers: https://www.ionos.co.uk/help/index.php?id=1895
  25.       - Windows Servers: https://www.ionos.co.uk/help/index.php?id=1874
  26.  
  27.    2. Virtual Private Server:
  28.       Please reply back to us when you are ready to take steps to secure your
  29.       server. We will re-establish access at that time.
  30.      
  31.       Once the server is unlocked, we recommend you reboot into repair mode and
  32.       fix the problem with the server off-line. This will avoid ongoing attacks.
  33.  
  34.       You can find instructions on using Repair Mode at:
  35.       - https://www.ionos.co.uk/help/index.php?id=1853
  36.  
  37.    3. Dynamic Cloud Server:
  38.       Please reply back to us when you are ready to take steps to secure your
  39.       server. We will re-establish access at that time and stop the server. You can
  40.       then restart it from your 1&1 IONOS Control Panel when you are ready to secure it.
  41.  
  42. To get back to us, simply reply to this e-mail keeping your reference number [Ticket AB116610417] in your message. You can also call us any time at 0333 336 5691.
  43.  
  44. We appreciate your cooperation and look forward to continuing to improve the security of your 1&1 IONOS Server.
  45.  
  46. - Details about the malicious processes:
  47. ###########################################
  48. Attack type: DoS_OUT
  49. Attack source IP/s: 74.208.81.35
  50. ###########################################
  51. Time    Source Address  Source Port Destination Address Destination Port    Frames
  52. 22/04/2019 20:56:00 74.208.81.35    UDP:63197   80.57.123.190   UDP:80  18888000
  53. 22/04/2019 20:56:00 74.208.81.35    UDP:63199   80.57.123.190   UDP:80  17352000
  54. 22/04/2019 20:56:00 74.208.81.35    UDP:63198   80.57.123.190   UDP:80  17048000
  55. 22/04/2019 20:56:00 74.208.81.35    UDP:63196   80.57.123.190   UDP:80  16968000
  56. 22/04/2019 20:56:00 74.208.81.35    UDP:62869   80.57.123.190   UDP:80  11864000
  57. 22/04/2019 20:56:00 74.208.81.35    UDP:62888   80.57.123.190   UDP:80  8840000
  58. 22/04/2019 20:56:00 74.208.81.35    UDP:62889   80.57.123.190   UDP:80  8720000
  59. 22/04/2019 20:56:00 74.208.81.35    UDP:62896   80.57.123.190   UDP:80  8632000
  60. 22/04/2019 20:56:00 74.208.81.35    UDP:62895   80.57.123.190   UDP:80  8328000
  61. 22/04/2019
  62. 20:56:00    74.208.81.35    UDP:62894   80.57.123.190   UDP:80  8192000
  63. 22/04/2019 20:56:00 74.208.81.35    UDP:62899   80.57.123.190   UDP:80  7936000
  64. 22/04/2019 20:56:00 74.208.81.35    UDP:62898   80.57.123.190   UDP:80  7856000
  65. 22/04/2019 20:56:00 74.208.81.35    UDP:62892   80.57.123.190   UDP:80  7736000
  66. 22/04/2019 20:56:00 74.208.81.35    UDP:62893   80.57.123.190   UDP:80  7696000
  67. 22/04/2019 20:56:00 74.208.81.35    UDP:62891   80.57.123.190   UDP:80  7640000
  68. 22/04/2019 20:56:00 74.208.81.35    UDP:62872   80.57.123.190   UDP:80  6968000
  69. 22/04/2019 20:56:00 74.208.81.35    UDP:62890   80.57.123.190   UDP:80  6696000
  70. 22/04/2019 20:56:00 74.208.81.35    UDP:62897   80.57.123.190   UDP:80  6440000
  71. 22/04/2019 20:56:00 74.208.81.35    UDP:62880   80.57.123.190   UDP:80  6088000
  72. 22/04/2019 20:56:00 74.208.81.35    UDP:62878   80.57.123.190   UDP:80  5904000
  73. 22/04/2019 20:56:00                 50816000
  74.  
  75. - End of details.
  76.  
  77. Best regards,
  78.  
  79. Hosting Security
  80.  
  81. --
  82. 1&1 Internet Ltd.
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
 
Top