logwatch
[Prev] Thread [Next] | [Prev] Date [Next]
[Logwatch] Weird vpopmail experiences Steve Douville Tue Nov 11 08:00:50 2008
While scanning through the logwatch email sent via cronjob, I noticed that there were quite a lot of entries reported by vpopmail as being no such user. It smacked of a dictionary attack in that there were hundreds of names tried 30+ times each. My conf is set to report on "yesterday", so I looked at my maillog from yesterday and the entries are NOT in there! So I figure there's a hack and a problem. However, I can rerun logwatch and the report gets regenerated, emailed to me, and guess what... the "dictionary attack" of user names is still on the report! So, how can this be?? How can I not be able to grep the maillog for the entries but logwatch can see them and report them? Thanks in advance. Steve _______________________________________________ Logwatch mailing list [EMAIL PROTECTED] http://www2.list.logwatch.org:81/mailman/listinfo/logwatch
- [Logwatch] Weird vpopmail experiences Steve Douville <=
- Re: [Logwatch] Weird vpopmail experiences Mike Tremaine
- Re: [Logwatch] Weird vpopmail experiences Bob McClure Jr
- Re: [Logwatch] Weird vpopmail experiences Steve Douville
- Re: [Logwatch] Weird vpopmail experiences Bjorn L.
- Re: [Logwatch] Weird vpopmail experiences Steve Douville
- Re: [Logwatch] Weird vpopmail experiences Markus Lude