Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Dear Jur Koerts,
- This is an important notice regarding your 1&1 IONOS Server.
- Your server was found to be part of a network of compromised machines leading a Denial-of-Service Attack (DoS-Attack) against other servers. Please find details on the malicious processes at the end of this e-mail.
- In order to prevent further criminal activity from your server, we have suspended access pending your investigation and resolution.
- Please follow the instructions below, according to the category of your server, to re-establish the access to your 1&1 IONOS Server.
- 1. Dedicated Root Server
- 2. Virtual Private Server
- 3. Dynamic Cloud Server
- 1. Dedicated Root Server:
- Log in via your Serial Console and take steps to secure your server.
- Determine the source of the compromise and disable the software
- that is controlling the attack.
- Once you have secured your server, get back to us stating the measures
- you have taken and it will be our pleasure to restore network connectivity.
- You will find instructions on using your Serial Console on the 1&1 IONOS Help Centre:
- - Linux Servers: https://www.ionos.co.uk/help/index.php?id=1895
- - Windows Servers: https://www.ionos.co.uk/help/index.php?id=1874
- 2. Virtual Private Server:
- Please reply back to us when you are ready to take steps to secure your
- server. We will re-establish access at that time.
- Once the server is unlocked, we recommend you reboot into repair mode and
- fix the problem with the server off-line. This will avoid ongoing attacks.
- You can find instructions on using Repair Mode at:
- - https://www.ionos.co.uk/help/index.php?id=1853
- 3. Dynamic Cloud Server:
- Please reply back to us when you are ready to take steps to secure your
- server. We will re-establish access at that time and stop the server. You can
- then restart it from your 1&1 IONOS Control Panel when you are ready to secure it.
- To get back to us, simply reply to this e-mail keeping your reference number [Ticket AB116610417] in your message. You can also call us any time at 0333 336 5691.
- We appreciate your cooperation and look forward to continuing to improve the security of your 1&1 IONOS Server.
- - Details about the malicious processes:
- ###########################################
- Attack type: DoS_OUT
- Attack source IP/s: 74.208.81.35
- ###########################################
- Time Source Address Source Port Destination Address Destination Port Frames
- 22/04/2019 20:56:00 74.208.81.35 UDP:63197 80.57.123.190 UDP:80 18888000
- 22/04/2019 20:56:00 74.208.81.35 UDP:63199 80.57.123.190 UDP:80 17352000
- 22/04/2019 20:56:00 74.208.81.35 UDP:63198 80.57.123.190 UDP:80 17048000
- 22/04/2019 20:56:00 74.208.81.35 UDP:63196 80.57.123.190 UDP:80 16968000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62869 80.57.123.190 UDP:80 11864000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62888 80.57.123.190 UDP:80 8840000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62889 80.57.123.190 UDP:80 8720000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62896 80.57.123.190 UDP:80 8632000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62895 80.57.123.190 UDP:80 8328000
- 22/04/2019
- 20:56:00 74.208.81.35 UDP:62894 80.57.123.190 UDP:80 8192000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62899 80.57.123.190 UDP:80 7936000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62898 80.57.123.190 UDP:80 7856000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62892 80.57.123.190 UDP:80 7736000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62893 80.57.123.190 UDP:80 7696000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62891 80.57.123.190 UDP:80 7640000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62872 80.57.123.190 UDP:80 6968000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62890 80.57.123.190 UDP:80 6696000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62897 80.57.123.190 UDP:80 6440000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62880 80.57.123.190 UDP:80 6088000
- 22/04/2019 20:56:00 74.208.81.35 UDP:62878 80.57.123.190 UDP:80 5904000
- 22/04/2019 20:56:00 50816000
- - End of details.
- Best regards,
- Hosting Security
- --
- 1&1 Internet Ltd.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement