SMTP Attacks

Mailing List

Home

Forum Home

Linux - General Red Hat Linux discussion list

Installation - Getting started with Red Hat Linux

Enterprise Linux 3 - Discussion of Red Hat Enterprise Linux 3 (Taroon)

Red Hat Linux 9 - Discussion of Red Hat Linux 9 (Shrike)

Red Hat Linux 7.2 - Discussion of Red Hat Linux 7.2 (Enigma)

Red Hat Linux 7.3 - Discussion of Red Hat Linux 7.3 (Valhalla)

Apache Web Server

Oracle database, Microsoft SQL server ...

Subjects

•	application/x mplayer2 plugin
•	RPM error: db4 error(16) from dbenv >remove: Device or resource busy
•	Command stream end of file while reading
•	X Windows problem (xauth)
•	Upgrading openoffice 1 1 rpm
•	FTP: connection refused
•	FTP: connection refused
•	mount: /dev/cdrom: is not a valid block device
•	Dell Precision 650, RedHat 9, no sound
•	how to trace the cause resulting in the crash of bind server
•	Virus on the list
•	UNINSTALL RPM MYSQL
•	usb pen drives: mounting as a user
•	broadcom network interface
•	make mrproper
•	sendmail configuration on redhat
•	Couldn 't open PID file /var/run/named/named pid Permission denied
•	Promise 378 controller
•	kernel 2 6 and /dev/sound/mixer not found
•	Problem using up2date
•	mrtg step by step howto/configuration for a newbie?
•	Compiling and Installing Kernel 2 6
•	Can 't locate module ppp0, can 't locate module ppp compress 21
•	HOW I CAN MAKE BOOTABLE FLOPPY DISKET
•	Lotus Notes under Wine
•	/etc/security/limits conf question
•	Intel E/1000 driver
•	Command stream end of file while reading
•	rpm database corrupt
•	qla2300 modules

SMTP Attacks

SMTP Attacks

2006-10-24 - By Harold Hallikainen

Back

Reply: 1 2 3 4 5 6 7 8 9 10 >>

In the past week, I've seen log entries like this pretty much every day.
This is on a Fedora 4 system. I'm running sshblack to get rid of the
thousands of ssh breaking attempts and have been using the included bl
command to add these ip addresses to the block list (which adds them to
iptables with instructions to drop the packets). Is that worthwile? Should
I do anything else? Again, these have only started showing up this week.

Thanks!

Harold

WARNING!!!! Possible Attack:
Attempt from 235.30.broadband2.iol.cz [83.208.30.235] with:
command=HELO/EHLO, count=3: 1 Time(s)
Attempt from 46.173.broadband6.iol.cz [88.101.173.46] with:
command=HELO/EHLO, count=3: 1 Time(s)
Attempt from [12.166.98.246] with:
command=HELO/EHLO, count=3: 1 Time(s)
Attempt from dslb-082 (See http://slb-082.ora-code.com)-083-067-104.pools.arcor-ip.net [82.83.67.104] with:
command=HELO/EHLO, count=3: 1 Time(s)
Attempt from laly-s.bb.netvision.net.il [212.143.166.250] with:
command=HELO/EHLO, count=3: 1 Time(s)
Attempt from p54BB98E4.dip0.t-ipconnect.de [84.187.152.228] with:
command=HELO/EHLO, count=3: 1 Time(s)
Total: 6 Time(s)

**Unmatched Entries**
87-126-13-210.btc-net.bg [87.126.13.210] (may be forged): possible
SMTP attack:
command=HELO/EHLO, count=3: 1 Time(s)

--
FCC Rules Updated Daily at http://www.hallikainen.com - Advertising
opportunities available!

__ ____ ____ ____ ____ ____ ____ ____ ____ ____
Redhat-install-list mailing list
Redhat-install-list@(protected)
https://www.redhat.com/mailman/listinfo/redhat-install-list
To Unsubscribe Go To ABOVE URL or send a message to:
redhat-install-list-request@(protected)
Subject: unsubscribe