View Single Post
  #3  
Old 23rd August 2006, 01:31
d3m0nic d3m0nic is offline
Member
 
Join Date: Feb 2006
Posts: 37
Thanks: 0
Thanked 0 Times in 0 Posts
Default

I have found the problem... as shown in the error message, every 3 minutes I get a new line in my log.

Code:
Aug 23 01:06:56 host1 dovecot(pam_unix)[1022]: check pass; user unknown
Aug 23 01:06:56 host1 dovecot(pam_unix)[1022]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
Aug 23 01:09:56 host1 dovecot(pam_unix)[1060]: check pass; user unknown
Aug 23 01:09:56 host1 dovecot(pam_unix)[1060]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
Aug 23 01:12:56 host1 dovecot(pam_unix)[1099]: check pass; user unknown
Aug 23 01:12:56 host1 dovecot(pam_unix)[1099]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
Aug 23 01:15:56 host1 dovecot(pam_unix)[1138]: check pass; user unknown
Aug 23 01:15:56 host1 dovecot(pam_unix)[1138]: authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
...so, then i took a look at my maillog.
Code:
Aug 23 01:06:59 host1 pop3-login: Disconnected [::ffff:62.58.60.226]
Aug 23 01:09:59 host1 pop3-login: Disconnected [::ffff:62.58.60.226]
Aug 23 01:12:59 host1 pop3-login: Disconnected [::ffff:62.58.60.226]
Aug 23 01:15:59 host1 pop3-login: Disconnected [::ffff:62.58.60.226]
Some bozo doesn't have his stuff together and needs to take his head out of his ass. Did a Whois and found it to be KIA MOTORS in the NETHERLANDS... cheap cars, cheap administrator?

Any advise on how to go about this... emailing this clown or iptables rule?

Thanks,
Reply With Quote