Bruce Bodger wrote:
On Aug 15, 2008, at 5:39 PM, Charles Marcus wrote:
You're kidding, right?
Dictionary attacks are a fact of life these days.
Just install some kind of blocking on your firewall (fail2ban is a good
one), and let it take care of the worst of it...
just make sure to get
I'm seeing strings of failed POP3 login attempts with obvious bogus
usernames coming from different IP addresses. Today's originated from
216.31.146.19 (which resolves to neovisionlabs.com). This looks like a
botnet attack. I got a similar probe a couple days ago. Is anyone else
seeing these?
On 8/15/2008, Kenneth Porter ([EMAIL PROTECTED]) wrote:
I'm seeing strings of failed POP3 login attempts with obvious bogus
usernames coming from different IP addresses. Today's originated from
216.31.146.19 (which resolves to neovisionlabs.com). This looks like
a botnet attack. I got a
Charles Marcus wrote:
Dictionary attacks are a fact of life these days.
Just install some kind of blocking on your firewall (fail2ban is a good
one), and let it take care of the worst of it..
I wonder what they want by cracking a POP3 server. Read the user's
mails? It's true POP3 passwords
On Aug 15, 2008, at 5:39 PM, Charles Marcus wrote:
You're kidding, right?
Dictionary attacks are a fact of life these days.
Just install some kind of blocking on your firewall (fail2ban is a
good
one), and let it take care of the worst of it...
fail2ban will not work for this as the
On Friday, August 15, 2008 5:39 PM -0400 Charles Marcus
[EMAIL PROTECTED] wrote:
Just install some kind of blocking on your firewall (fail2ban is a good
one), and let it take care of the worst of it...
Thanks, researching it now
Looks like an RPM might be available for CentOS 5. There's
Eduardo M KALINOWSKI wrote:
Charles Marcus wrote:
Dictionary attacks are a fact of life these days.
Just install some kind of blocking on your firewall (fail2ban is a good
one), and let it take care of the worst of it..
I wonder what they want by cracking a POP3 server. Read the user's
--On Friday, August 15, 2008 5:51 PM -0400 Bruce Bodger
[EMAIL PROTECTED] wrote:
fail2ban will not work for this as the incoming ip addresses are
spoofed. fail2ban would end up blocking legitimate servers.
How do you spoof a source address on a TCP connection? I was unaware that
was
On Fri, Aug 15, 2008 at 06:43:30PM -0300, Eduardo M KALINOWSKI wrote:
Charles Marcus wrote:
Dictionary attacks are a fact of life these days.
Just install some kind of blocking on your firewall (fail2ban is a good
one), and let it take care of the worst of it..
I wonder what they want
Kenneth Porter wrote:
--On Friday, August 15, 2008 5:51 PM -0400 Bruce Bodger
bruce.bodger at demval.com wrote:
fail2ban will not work for this as the incoming ip addresses are
spoofed. fail2ban would end up blocking legitimate servers.
How do you spoof a source address on a TCP connection?
10 matches
Mail list logo