Am Dienstag, den 02.06.2009, 17:31 +0200 schrieb Kai Schaetzl:
Henry ritzlmayr wrote on Tue, 02 Jun 2009 14:51:23 +0200:
-Only the last try gets logged.
can't reproduce this. The following was done in one connection to
localhost.
Jun 2 17:09:10 d01 dovecot-auth:
Am Dienstag, den 02.06.2009, 14:13 -0700 schrieb Scott Silva:
on 6-2-2009 5:51 AM henry ritzlmayr spake the following:
Hi List,
optimizing the configuration on one of our servers (which was
hit by a brute force attack on dovecot) showed an odd behavior.
The short story:
On one
Henry Ritzlmayr wrote on Thu, 04 Jun 2009 08:21:04 +0200:
the logs you are referring to are only produced if you enable
auth_verbose = yes
right?
That's possible, I didn't check. In that case and if I recall right I
added that directive because I was missing the IP numbers in some log
Am Donnerstag, den 04.06.2009, 10:31 +0200 schrieb Kai Schaetzl:
Henry Ritzlmayr wrote on Thu, 04 Jun 2009 08:21:04 +0200:
the logs you are referring to are only produced if you enable
auth_verbose = yes
right?
That's possible, I didn't check. In that case and if I recall right
Hi List,
optimizing the configuration on one of our servers (which was
hit by a brute force attack on dovecot) showed an odd behavior.
The short story:
On one of our servers an attacker did a brute force
attack on dovecot (pop3).
Since the attacker closed and reopened the connection
after
Henry ritzlmayr wrote on Tue, 02 Jun 2009 14:51:23 +0200:
-Only the last try gets logged.
can't reproduce this. The following was done in one connection to
localhost.
Jun 2 17:09:10 d01 dovecot-auth: pam_unix(dovecot:auth): check pass; user
unknown
Jun 2 17:09:10 d01 dovecot-auth:
on 6-2-2009 5:51 AM henry ritzlmayr spake the following:
Hi List,
optimizing the configuration on one of our servers (which was
hit by a brute force attack on dovecot) showed an odd behavior.
The short story:
On one of our servers an attacker did a brute force
attack on dovecot
7 matches
Mail list logo
