V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
通过以下 Referral 链接购买 DigitalOcean 主机,你将可以帮助 V2EX 持续发展
DigitalOcean - SSD Cloud Servers
bbbb
V2EX  ›  VPS

vultr suspended 的问题, V 友帮忙看看大概啥问题。

  •  
  •   bbbb · 2016-06-30 23:39:02 +08:00 · 1312 次点击
    这是一个创建于 3068 天前的主题,其中的信息可能已经有所发展或是发生改变。
    看 V 友比较推荐 Vultr ,就参加了之前的新用户送了 50$活动,用了段时间,觉得还不错,现在已经充钱了,遇到今天的问题后,怕以后用的时间长了, VPS 上的数据多了出现这样的问题就麻烦了。
    目前就搭建了 SS 用着,其实没弄啥。出问题后,发现之前已经发邮件了,但一直没注意邮件。现在买的两个 VPS 中,其中一个在之前给我暂停了。工单在下面,知道的 V 友指点下。

    工单:
    We have suspended your VPS due to information we have received indicating that your account is in violation of our Terms of Service/Acceptable Use Policies, the full text of which is available online at the following URLs for your convenience:

    TOS - https://www.vultr.com/legal/tos.php
    AUP - https://www.vultr.com/legal/use_policy.php
    SPAM - https://www.vultr.com/legal/antispam_policy.php

    Please respond as soon as possible with as much detail as you can provide regarding the activity in question and what you intend to do to ensure it does not occur in the future. If the VPS in question is compromised, you may launch a new one at any time.

    Instance destruction may occur if we have not heard from you within the next 18 hours.

    Thank you for your cooperation.


    -- Complaint Response Team --

    Abuse System 2016-06-29 22:02:04 We have yet to receive a response from you regarding this abuse complaint. This is the third notice regarding this abuse report.

    If we do not receive a response within the next 40 hours, the affected server will be suspended.

    We have not received a response from you regarding this abuse complaint. This is the second notice regarding this abuse report.

    Please resolve this matter and reply as soon as possible in order to prevent service disruption; failure to reply or resolve complaints in a timely fashion may result in service suspension.

    We have powered down your cloud server due to outbound traffic patterns fitting the profile of a DoS-style attack. You may restore power any time via https://my.vultr.com to troubleshoot, repair, replace or destroy as necessary.

    If you believe your instance has been compromised, we recommend a fresh instance reinstall. If you restore power and fail to address the activity in question in a timely manner and/or if the situation in question resumes/worsens, we will have no choice but to escalate our response, including but not limited to suspension or powering down of the instance, suspending the entire account or account closure for repeat ToS violations.

    Thank you for your cooperation!


    -- Complaint Response Team --
    14 条回复    2016-09-09 18:02:57 +08:00
    yeyeye
        1
    yeyeye  
       2016-07-01 00:29:31 +08:00
    联系客服吧 光凭你提供的这么一点信息没什么帮助 你收到的邮件也没提到细节
    bbbb
        2
    bbbb  
    OP
       2016-07-01 08:55:13 +08:00
    @yeyeye 好的,我联系试试,我看给的信息也确实没说啥具体原因。
    liyvhg
        3
    liyvhg  
       2016-07-01 09:02:40 +08:00 via Android
    是不是装了锐速之类的发包软件被查出来了
    bbbb
        4
    bbbb  
    OP
       2016-07-01 09:12:16 +08:00
    @liyvhg 没有安装嘞,目前就安装了 SS , SS 而且还是我自己使用的,还是北京时间晚上 11 点过发的邮件。我那时啥都没干,所以感觉很奇怪。
    bbbb
        5
    bbbb  
    OP
       2016-07-01 09:16:01 +08:00
    @yeyeye
    @liyvhg
    从新开机了,看了下,使用了 145.69 GB 流量,能在 VPS 里查到原因吗?
    liyvhg
        6
    liyvhg  
       2016-07-01 09:23:37 +08:00 via Android
    @bbbb 不一定是那个时刻,之前的一段时间都有可能。 得知道你装了些什么在上面。
    我之前一个 WordPress 的插件出问题了, 1 周访问了腾讯的某 API 接口花掉 1T 流量🙊, VPS 提供商和腾讯都默默的承受了🙈
    dreamcountry
        7
    dreamcountry  
       2016-07-01 09:27:37 +08:00
    可能受到攻击了
    bbbb
        8
    bbbb  
    OP
       2016-07-01 09:43:43 +08:00
    @liyvhg python-pip 、 shadowsocks 、 htop ,除了没啥了,不知道是不是别人知道了我的 SS 。
    bbbb
        9
    bbbb  
    OP
       2016-07-01 09:44:19 +08:00
    @dreamcountry 我觉得也是,有什么方法能查吗? VPS 新手,正在网上查资料。
    hxtheone
        10
    hxtheone  
       2016-07-01 09:57:36 +08:00
    我上次是开了 SS 用默认端口立刻就被攻击了, 然后被 VPS 被关, 后来换了个端口禁止密码登录, 然后就相安无事到现在
    alect
        11
    alect  
       2016-07-01 10:07:48 +08:00
    We have powered down your cloud server due to outbound traffic patterns fitting the profile of a DoS-style attack.

    文中这一句很关键,向外发包风格类似 DoS
    bbbb
        12
    bbbb  
    OP
       2016-07-01 10:43:27 +08:00
    @hxtheone 我刚刚开机,用了会又给停了。。。我还是删除了从新建一个算了。
    bbbb
        13
    bbbb  
    OP
       2016-07-01 10:44:58 +08:00
    @alect 我估计是中招了,刚刚开机没一会又给我停了,确实是向外发了,因为都用了 145G 流量了,我顶多用 5G.
    partyspy
        14
    partyspy  
       2016-09-09 18:02:57 +08:00
    应该是中了 DDos 木马。
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   2655 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 24ms · UTC 05:11 · PVG 13:11 · LAX 21:11 · JFK 00:11
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.