My new dedicated server IP is listed on the CBL blacklist 4 days ago, whereas I purchased the server 6 days ago. Does CBL normally have false positives like this? It's an almost blank server with ZNC and lighttpd/php5-fpm. Rootkit hunter scans bring nothing up!
IP Address 78.46.xx.xx is listed in the CBL. It appears to be infected with a spam sending trojan, proxy or some other form of botnet.
It was last detected at 2014-07-02 04:00 GMT (+/- 30 minutes), approximately 4 days, 19 hours, 30 minutes ago.
This IP is infected (or NATting for a computer that is infected) with a spam-sending infection. In other words, it's participating in a botnet. If you simply remove the listing without ensuring that the infection is removed (or the NAT secured), it will probably relist again.
http://ift.tt/1dvHQ0Z
0 comments:
Post a Comment