[CentOS] saslauthd attack

Les Bell lesbell at lesbell.com.au
Thu Feb 11 04:01:06 UTC 2010

John Hinton wrote:

Yes... most of them. Just the new PITA. Anyway... I still can't seem to
figure out how to log the IP addresses for this attack.

I'd use iptables to log connections on that port and then time-correlate
with the log entries from saslauthd.


--- Les Bell
Tel: +61 2 9451 1144

More information about the CentOS mailing list