I think someone (or some crawler) cut&Pasted a link to adobe ftp server in his FTP
Programm (e.g. "ftp:[EMAIL PROTECTED]"->in FTP).
Because he got a "host not found" message, he tried a little
more and ended on your IP with the original URL as login...
Asked for a password, he entered any mail adress (which is
very common and if it is a correct adress, very polite..)
I think the 3 seconds where used to type "[EMAIL PROTECTED]" by an avarage
user - after been ask for a password. Looks very manually
If it was a scanner it looks like a very stupid program - unless you
have many of these attempts in your logs.
PM> Back to the question: Does the log show a new scanner at work,
PM> or is it merely a browser with these values set for anonymous logins?
So I'm shire it's the later...
with best regards,
Matt Haack
