[CentOS] Dovecot under brute force attack - nice attacker
Kai Schaetzl
maillists at conactive.com
Tue Jun 2 15:31:20 UTC 2009
Henry ritzlmayr wrote on Tue, 02 Jun 2009 14:51:23 +0200:
> ->Only the last try gets logged.
can't reproduce this. The following was done in one connection to
localhost.
Jun 2 17:09:10 d01 dovecot-auth: pam_unix(dovecot:auth): check pass; user
unknown
Jun 2 17:09:10 d01 dovecot-auth: pam_unix(dovecot:auth): authentication
failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:127.0.0.1
Jun 2 17:09:10 d01 dovecot-auth: pam_succeed_if(dovecot:auth): error
retrieving information about user bongo
Jun 2 17:09:30 d01 dovecot-auth: pam_unix(dovecot:auth): check pass; user
unknown
Jun 2 17:09:30 d01 dovecot-auth: pam_unix(dovecot:auth): authentication
failure; logname= uid=0 euid=0 tty=dovecot ruser= rhost=::ffff:127.0.0.1
Jun 2 17:09:30 d01 dovecot-auth: pam_succeed_if(dovecot:auth): error
retrieving information about user bongo2
Kai
--
Kai Schätzl, Berlin, Germany
Get your web at Conactive Internet Services: http://www.conactive.com
More information about the CentOS
mailing list