I am the sysadmin of Bobcat Open Systems
<http://www.bobcatos.com>.
Our log analysis indicates that a user on your network tried to
crack our server as part of a distributed dictionary attack.
The log exerpts follow. Times are CDT (UTC-0500).
On www.bobcatos.com (208.101.214.202):
From the maillog:
Oct 14 13:21:31 bubba dovecot: imap-login: Disconnected (auth failed, 4 attempts): user=<petty>, method=PLAIN, rip=176.9.80.9, lip=192.168.3.2, TLS: Disconnected
From the secure log:
Oct 14 13:21:00 bubba auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=petty@northeasttexaspower.com rhost=176.9.80.9
Oct 14 13:21:08 bubba auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=petty@northeasttexaspower.com rhost=176.9.80.9
Oct 14 13:21:15 bubba auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=petty rhost=176.9.80.9
Oct 14 13:21:27 bubba auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=petty rhost=176.9.80.9
Let me know if you need any more information.
Cheers,
—
Bob McClure, Jr. Bobcat Open Systems, Inc.
bob@bobcatos.com https://www.bobcatos.com
For the love of money is a root of all kinds of evil. Some people,
eager for money, have wandered from the faith and pierced themselves
with many griefs. 1 Timothy 6:10
