請注意假IP假封包
目前收到許多空封包都來自於一些假IP,真不知道是該封鎖還是…<br>Mon 2005-08-22 08:38:50: ---------- <br>Mon 2005-08-22 09:15:08: Session 3287; child 1; thread 23992 <br><span style='color:red'>Mon 2005-08-22 09:15:02: Accepting SMTP connection from <br>Mon 2005-08-22 09:15:02: Performing PTR lookup (242.90.79.218.IN-ADDR.ARPA) <br>Mon 2005-08-22 09:15:07: * Error: Name server reports domain name unknown </span><br><span style='color:blue'>根本就查無此IP,這些廣告信業者居然還學會了隨機IP,真是道高一尺魔高一丈。</span><br>Mon 2005-08-22 09:15:07: ---- End PTR results <br>Mon 2005-08-22 09:15:07: --> 220 cfwater.com.tw ESMTP MDaemon 8.1.1; Mon, 22 Aug 2005 09:15:07 +0800 <br>Mon 2005-08-22 09:15:08: <-- EHLO cfwater.com.tw <br>Mon 2005-08-22 09:15:08: Performing IP lookup (cfwater.com.tw) <br>Mon 2005-08-22 09:15:08: * D=cfwater.com.tw TTL=(1440) A= <br>Mon 2005-08-22 09:15:08: ---- End IP lookup results <br>Mon 2005-08-22 09:15:08: --> 250-cfwater.com.tw Hello cfwater.com.tw (may be forged), pleased to meet you <br>Mon 2005-08-22 09:15:08: --> 250-ETRN <br>Mon 2005-08-22 09:15:08: --> 250-AUTH=LOGIN <br>Mon 2005-08-22 09:15:08: --> 250-AUTH LOGIN CRAM-MD5 <br>Mon 2005-08-22 09:15:08: --> 250-8BITMIME <br><span style='color:red'>Mon 2005-08-22 09:15:08: --> 250 SIZE 0 <br>Mon 2005-08-22 09:15:08: <-- MAIL FROM:<[email protected]></span> <br><span style='color:blue'>竟然已經來了,還假冒本地網管名稱放個檔案大小只有 0 的信件,真不知道該哭還是該笑</span><br>Mon 2005-08-22 09:15:08: Performing IP lookup (cfwater.com.tw) <br>Mon 2005-08-22 09:15:08: * D=cfwater.com.tw TTL=(1440) A= <br>Mon 2005-08-22 09:15:08: * P=010 D=cfwater.com.tw TTL=(60) MX= {211.21.191.230} <br>Mon 2005-08-22 09:15:08: ---- End IP lookup results <br>Mon 2005-08-22 09:15:08: --> 550 <[email protected]>, Sender unknown <br><span style='color:red'>Mon 2005-08-22 09:15:08: Error reading from socket! <br>Mon 2005-08-22 09:15:08: Unexpected socket closure </span><br>Mon 2005-08-22 09:15:08: SMTP session terminated (Bytes in/out: 63/280) <br><span style='color:blue'>最後的結果當然是被踢掉,而且還試了好次,真不爽, <!--emo&:無奈加中指:--><img src='http://www.suma.tw/uploads/smiles-050.gif' border='0' style='vertical-align:middle' alt='smiles-050.gif' /><!--endemo--> 浪費我家頻寬。</span><br><br>該ip(發信人上網ip及發信信箱ip),除了沒有對應真實的網域,根本也查不出是那家isp業者,所以確定是用隨機ip程式製造出來的,我覺得他厲害的地方是發信人上網ip及發信信箱ip都不同,所以至少是透過二部電腦傳送,我有點懷疑是廣告信業請人寫程式,先用這些程式try ip,看是否有可用郵件伺服器及可用帳號,然後再利用這些電腦大量發信,當然也有可能做為跳板。 <!--QuoteBegin--></div><table border='0' align='center' width='95%' cellpadding='3' cellspacing='1'><tr><td><b>引言</b> </td></tr><tr><td id='QUOTE'><!--QuoteEBegin-->Mon 2005-08-22 09:15:07: * Error: Name server reports domain name unknown <!--QuoteEnd--></td></tr></table><div class='postcolor'><!--QuoteEEnd--><br><br>上面的意思並非假的 IP,而是沒有通過反查。IP 是真的,只是沒有對應真實的網域。
頁:
[1]