mizban97
October 21st, 2016, 18:37
سلام خسته نباشید خدمت دوستان و اساتید
چند روزی هست روی یکی از سرور های هتزنر آلمان با مشکل زیر مواجه هستیم که اول سابنت ما بسته شد
بعد هم آیپی main سرور رو بستن! سرور توسط وی ام ور مجازی سازی شده است و سرور مجازی ویندوز و لینوکس و ابونتو در حال حاظر داریم.
Dear Sir or Madam
Your server with the above-mentioned IP address has carried out an attack on another server on the Internet.
This has placed a considerable strain on network resources and, as a result, a segment of our network has been adversely affected.
Your server has therefore been deactivated as a precautionary measure.
A corresponding log history is attached at the end of this email.
For guidelines on how to proceed next please see:
http://wiki.hetzner.de/index.php/Leitfaden_bei_Serversperrung/en If you have any questions or requests, please send us a support request via your Robot administration interface (https://robot.your-server.de).
Please log in to the Robot using your master login and click on "Requests" in the menu on the left. Under "Unblock requests" please select the corresponding Blocking ID and return the completed form to us.
We shall reply to your support request as soon as we can.
Best regards
Your Hetzner Online Team
Oct 21 1008 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 21251 8500 (1 packets)
Oct 21 1008 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.166 27.151.29.41 54621 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.171 27.151.29.41 15050 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 25458 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.167 27.151.29.41 22115 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.161 27.151.29.41 57472 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.170 27.151.29.41 26891 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.162 27.151.29.41 8450 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.174 27.151.29.41 60861 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 45860 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.171 27.151.29.41 31432 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.168 27.151.29.41 10146 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.166 27.151.29.41 13809 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.167 27.151.29.41 5695 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.167 27.151.29.41 34369 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.169 27.151.29.41 59408 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.171 27.151.29.41 15072 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.162 27.151.29.41 57651 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 62349 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.172 27.151.29.41 56223 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.172 27.151.29.41 39706 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.173 27.151.29.41 64607 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.171 27.151.29.41 43768 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.168 27.151.29.41 42767 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 33765 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.173 27.151.29.41 48378 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.161 27.151.29.41 49213 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.168 27.151.29.41 38834 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.167 27.151.29.41 54921 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.172 27.151.29.41 27418 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.171 27.151.29.41 55849 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.175 27.151.29.41 56845 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.169 27.151.29.41 30921 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.174 27.151.29.41 60854 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.176 27.151.29.41 24559 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.173 27.151.29.41 23785 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.167 27.151.29.41 54968 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.174 27.151.29.41 15680 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.163 27.151.29.41 37583 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.163 27.151.29.41 33288 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.173 27.151.29.41 27758 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.162 27.151.29.41 41356 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.174 27.151.29.41 48407 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.161 27.151.29.41 8353 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.170 27.151.29.41 23016 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.176 27.151.29.41 49149 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.176 27.151.29.41 16295 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.165 27.151.29.41 1121 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 50156 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.174 27.151.29.41 48508 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.171 27.151.29.41 19137 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.176 27.151.29.41 12099 8500 (1 packets)
Oct 21 1014 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 41942 8500 (1 packets)
Oct 21 1014 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.175 27.151.29.41 24114 8500 (1 packets)
Oct 21 1014 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 41785 8500 (1 packets)
بعد از اینکه آیپی اصلی بسته شد متن زیر ارسال کردند و تعدادی مک ادرس ارسال شد.
Dear Sir or Madam
We have noticed that you have been using other MACs in addition to the main
MAC mentioned in the above subject line.
As this is not permitted, we regret to inform you that your server has been
deactivated.
Guidelines regarding further course of action may be found in our wiki:
http://wiki.hetzner.de/index.php/Leitfaden_bei_Serversperrung/en.
Yours faithfully
Your Hetzner Support Team
00:0c:29:a4:d7:88 D - ge-0/0/14.0
00:50:56:00:84:26 D - ge-0/0/14.0
00:50:56:bd:12:f0 D - ge-0/0/14.0
00:50:56:bd:5b:a6 D - ge-0/0/14.0
00:50:56:bd:69:0d D - ge-0/0/14.0
90:1b:0e:a3:c2:59 D - ge-0/0/14.0
بنده دقیقا نمیدونم کدوم کاربر داره روی سرور مشکل ایجاد میکنه
دوستانی که با این نوع ابیوز اشنایی دارن و راه حل میدونن لطفا کمک کنند.
با تشکر
چند روزی هست روی یکی از سرور های هتزنر آلمان با مشکل زیر مواجه هستیم که اول سابنت ما بسته شد
بعد هم آیپی main سرور رو بستن! سرور توسط وی ام ور مجازی سازی شده است و سرور مجازی ویندوز و لینوکس و ابونتو در حال حاظر داریم.
Dear Sir or Madam
Your server with the above-mentioned IP address has carried out an attack on another server on the Internet.
This has placed a considerable strain on network resources and, as a result, a segment of our network has been adversely affected.
Your server has therefore been deactivated as a precautionary measure.
A corresponding log history is attached at the end of this email.
For guidelines on how to proceed next please see:
http://wiki.hetzner.de/index.php/Leitfaden_bei_Serversperrung/en If you have any questions or requests, please send us a support request via your Robot administration interface (https://robot.your-server.de).
Please log in to the Robot using your master login and click on "Requests" in the menu on the left. Under "Unblock requests" please select the corresponding Blocking ID and return the completed form to us.
We shall reply to your support request as soon as we can.
Best regards
Your Hetzner Online Team
Oct 21 1008 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 21251 8500 (1 packets)
Oct 21 1008 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.166 27.151.29.41 54621 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.171 27.151.29.41 15050 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 25458 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.167 27.151.29.41 22115 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.161 27.151.29.41 57472 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.170 27.151.29.41 26891 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.162 27.151.29.41 8450 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.174 27.151.29.41 60861 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 45860 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.171 27.151.29.41 31432 8500 (1 packets)
Oct 21 1009 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.168 27.151.29.41 10146 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.166 27.151.29.41 13809 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.167 27.151.29.41 5695 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.167 27.151.29.41 34369 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.169 27.151.29.41 59408 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.171 27.151.29.41 15072 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.162 27.151.29.41 57651 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 62349 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.172 27.151.29.41 56223 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.172 27.151.29.41 39706 8500 (1 packets)
Oct 21 1010 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.173 27.151.29.41 64607 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.171 27.151.29.41 43768 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.168 27.151.29.41 42767 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 33765 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.173 27.151.29.41 48378 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.161 27.151.29.41 49213 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.168 27.151.29.41 38834 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.167 27.151.29.41 54921 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.172 27.151.29.41 27418 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.171 27.151.29.41 55849 8500 (1 packets)
Oct 21 1011 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.175 27.151.29.41 56845 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.169 27.151.29.41 30921 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.174 27.151.29.41 60854 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.176 27.151.29.41 24559 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.173 27.151.29.41 23785 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.167 27.151.29.41 54968 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.174 27.151.29.41 15680 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.163 27.151.29.41 37583 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.163 27.151.29.41 33288 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.173 27.151.29.41 27758 8500 (1 packets)
Oct 21 1012 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.162 27.151.29.41 41356 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.174 27.151.29.41 48407 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.161 27.151.29.41 8353 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.170 27.151.29.41 23016 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.176 27.151.29.41 49149 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.176 27.151.29.41 16295 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.165 27.151.29.41 1121 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 50156 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.174 27.151.29.41 48508 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.171 27.151.29.41 19137 8500 (1 packets)
Oct 21 1013 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.176 27.151.29.41 12099 8500 (1 packets)
Oct 21 1014 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 41942 8500 (1 packets)
Oct 21 1014 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.175 27.151.29.41 24114 8500 (1 packets)
Oct 21 1014 2a01:4f8::a:17:3:1076 fpc0 PFE_FW_SYSLOG_IP: %-FW:
ge-0/0/14.0 A tcp 138.201.227.164 27.151.29.41 41785 8500 (1 packets)
بعد از اینکه آیپی اصلی بسته شد متن زیر ارسال کردند و تعدادی مک ادرس ارسال شد.
Dear Sir or Madam
We have noticed that you have been using other MACs in addition to the main
MAC mentioned in the above subject line.
As this is not permitted, we regret to inform you that your server has been
deactivated.
Guidelines regarding further course of action may be found in our wiki:
http://wiki.hetzner.de/index.php/Leitfaden_bei_Serversperrung/en.
Yours faithfully
Your Hetzner Support Team
00:0c:29:a4:d7:88 D - ge-0/0/14.0
00:50:56:00:84:26 D - ge-0/0/14.0
00:50:56:bd:12:f0 D - ge-0/0/14.0
00:50:56:bd:5b:a6 D - ge-0/0/14.0
00:50:56:bd:69:0d D - ge-0/0/14.0
90:1b:0e:a3:c2:59 D - ge-0/0/14.0
بنده دقیقا نمیدونم کدوم کاربر داره روی سرور مشکل ایجاد میکنه
دوستانی که با این نوع ابیوز اشنایی دارن و راه حل میدونن لطفا کمک کنند.
با تشکر