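The Taoyuan Regional Network Center at National Central University recently sent us a notice about an SMTP attack incident involving our school's address 163.25.34.254.
Investigation showed that the cause was a large volume of advertising mail sent by the dormitory computer 172.16.13.162; that computer has now been blocked.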
SSG550-> get session src-ip 172.16.13.162
alloc 5572/max 256064, alloc failed 0, mcast alloc 0, di alloc failed 0
total reserved 0, free sessions in shared pool 250492
Total 20 sessions according filtering criteria.
id 244483/s**,vsys 0,flag 08000000/0000/0001,policy 36,time 52, dip 2 module 0
if 0(nspflag 801801):172.16.13.162/1097->163.28.4.24/80,6,0022be6c9400,sess token 4,vlan 0,tun 0,vsd 0,route 8,wsf 0
if 6(nspflag 10801800):163.25.34.254/32802<-163.28.4.24/80,6,00220d32fb42,sess token 6,vlan 0,tun 0,vsd 0,route 7,wsf 0
id 246304/s**,vsys 0,flag 48000000/0000/0001,policy 36,time 2, dip 2 module 0
if 0(nspflag 801801):172.16.13.162/1853->119.160.246.242/80,6,0022be6c9400,sess token 4,vlan 0,tun 0,vsd 0,route 8,wsf 0
if 6(nspflag 10801800):163.25.34.254/31618<-119.160.246.242/80,6,00220d32fb42,sess token 6,vlan 0,tun 0,vsd 0,route 7,wsf 0
id 247409/s**,vsys 0,flag 08000000/0000/0001,policy 36,time 179, dip 2 module 0
if 0(nspflag 801801):172.16.13.162/1840->163.28.4.23/80,6,0022be6c9400,sess token 4,vlan 0,tun 0,vsd 0,route 8,wsf 0
if 6(nspflag 10801800):163.25.34.254/60080<-163.28.4.23/80,6,00220d32fb42,sess token 6,vlan 0,tun 0,vsd 0,route 7,wsf 0
id 247530/s**,vsys 0,flag 08000000/0000/0001,policy 36,time 180, dip 2 module 0
if 0(nspflag 801801):172.16.13.162/1748->192.150.8.118/443,6,0022be6c9400,sess token 4,vlan 0,tun 0,vsd 0,route 8,wsf 0
if 6(nspflag 10801800):163.25.34.254/37263<-192.150.8.118/443,6,00220d32fb42,sess token 6,vlan 0,tun 0,vsd 0,route 7,wsf 0
id 248703/s**,vsys 0,flag 08000000/0000/0001,policy 36,time 179, dip 2 module 0
if 0(nspflag 801801):172.16.13.162/1841->163.28.4.29/80,6,0022be6c9400,sess token 4,vlan 0,tun 0,vsd 0,route 8,wsf 0
if 6(nspflag 10801800):163.25.34.254/30713<-163.28.4.29/80,6,00220d32fb42,sess token 6,vlan 0,tun 0,vsd 0,route 7,wsf 0
id 248800/s**,vsys 0,flag 08000000/0000/0001,policy 36,time 179, dip 2 module 0
if 0(nspflag 801801):172.16.13.162/1821->119.160.254.215/80,6,0022be6c9400,sess token 4,vlan 0,tun 0,vsd 0,route 8,wsf 0
if 6(nspflag 10801800):163.25.34.254/42344<-119.160.254.215/80,6,00220d32fb42,
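The session table above ties the translated address 163.25.34.254 back to the internal host behind it. As an added example (not part of the original note), the parser below reads `get session` output in the layout shown and counts TCP/25 sessions per internal host behind a given translated address. The sample records are constructed, their destinations are documentation addresses, and 172.16.13.50 is a hypothetical second host.

```python
import re
from collections import Counter

IP = r"(\d{1,3}(?:\.\d{1,3}){3})"
ID_RE = re.compile(r"^id (\d+)/.*?policy (\d+),")
FWD_RE = re.compile(rf":{IP}/(\d+)->{IP}/(\d+),(\d+),")  # internal side, before NAT
REV_RE = re.compile(rf":{IP}/(\d+)<-{IP}/(\d+),(\d+),")  # external side, after NAT

# Constructed sample in the layout of the output above (not real traffic).
SAMPLE = """\
id 1001/s**,vsys 0,flag 08000000/0000/0001,policy 36,time 52, dip 2 module 0
 if 0(nspflag 801801):172.16.13.162/1097->192.0.2.10/25,6,0022be6c9400,sess token 4
 if 6(nspflag 10801800):163.25.34.254/32802<-192.0.2.10/25,6,00220d32fb42,sess token 6
id 1002/s**,vsys 0,flag 08000000/0000/0001,policy 36,time 50, dip 2 module 0
 if 0(nspflag 801801):172.16.13.162/1098->198.51.100.7/25,6,0022be6c9400,sess token 4
 if 6(nspflag 10801800):163.25.34.254/32803<-198.51.100.7/25,6,00220d32fb42,sess token 6
id 1003/s**,vsys 0,flag 08000000/0000/0001,policy 36,time 179, dip 2 module 0
 if 0(nspflag 801801):172.16.13.50/2001->203.0.113.5/80,6,0022be6c9400,sess token 4
 if 6(nspflag 10801800):163.25.34.254/40000<-203.0.113.5/80,6,00220d32fb42,sess token 6
id 1004/s**,vsys 0,flag 08000000/0000/0001,policy 36,time 180, dip 2 module 0
 if 0(nspflag 801801):172.16.13.162/1100->203.0.113.5/80,6,0022be6c9400,sess token 4
 if 6(nspflag 10801800):163.25.34.254/32804<-203.0.113.5/80,6,00220d32fb42,sess token 6
"""

def parse_sessions(text):
    """Return one dict per complete session record (id line plus both directions)."""
    sessions, cur = [], None
    for line in map(str.strip, text.splitlines()):
        if m := ID_RE.match(line):
            cur = {"id": int(m[1]), "policy": int(m[2])}
            sessions.append(cur)
        elif cur is not None and (m := FWD_RE.search(line)):
            cur.update(src=m[1], sport=int(m[2]), dst=m[3],
                       dport=int(m[4]), proto=int(m[5]))
        elif cur is not None and (m := REV_RE.search(line)):
            cur.update(nat_ip=m[1], nat_port=int(m[2]))
    # Drop records cut off before both directions were seen.
    return [s for s in sessions if "src" in s and "nat_ip" in s]

def smtp_sources(sessions, nat_ip):
    """Count TCP/25 sessions per internal host translated to nat_ip."""
    hits = Counter(s["src"] for s in sessions
                   if s["nat_ip"] == nat_ip and s["proto"] == 6 and s["dport"] == 25)
    return dict(hits)

def owner_of(sessions, nat_ip, nat_port):
    """Map a translated address/port seen upstream back to the internal host."""
    return next((s["src"] for s in sessions
                 if (s["nat_ip"], s["nat_port"]) == (nat_ip, nat_port)), None)
```

Sessions are short-lived, so the table has to be captured while the traffic is still active; a record truncated mid-line is skipped rather than guessed at.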
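The following is the letter from the Taoyuan Regional Network Center at National Central University about the SMTP attack incident involving our school's address 163.25.34.254: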
===============================
The machine on your campus with the address 163.25.34.254 may be an Open Mail Relay or spam sender.
===============================
Please help the owner of the machine to check and fix its Open Mail Relay problem or patch. Please refer to the detailed traffic log on
http://audp.tyc.edu.tw/fdns/spam_hour.php
( user:guest & password: guest )
Many Thanks !
From : susna yang
===============================