Layeredtech POP3 hacker caught
Our intrusion detection software picked up the start of a dictionary attack against our POP3 (email) server, coming from the server provider Layeredtech.
Time: Sat Aug 9 19:22:43 2008 -0400
IP: 72.232.183.242 (US/United States/242.183.232.72.static.reverse.ltdomains.com)
Failures: 5 (pop3d)
Interval: 240 seconds
Blocked: Yes
Log entries:
Aug 9 19:21:16 pop3d: LOGIN FAILED, user=test, ip=[::ffff:72.232.183.242]
Aug 9 19:21:52 pop3d: LOGIN FAILED, user=test, ip=[::ffff:72.232.183.242]
Aug 9 19:21:57 pop3d: LOGIN FAILED, user=web, ip=[::ffff:72.232.183.242]
Aug 9 19:22:36 pop3d: LOGIN FAILED, user=test, ip=[::ffff:72.232.183.242]
Aug 9 19:22:41 pop3d: LOGIN FAILED, user=test, ip=[::ffff:72.232.183.242]
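The rule the alert reports (5 pop3d failures from one IP within 240 seconds) can be reproduced over the log entries above. This is an added example, not the detection software's own code; the sliding-window logic, the assumed year 2008 (taken from the alert's Time field) and the name `detect` are assumptions.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Log entries copied from the alert above.
LOG = """\
Aug 9 19:21:16 pop3d: LOGIN FAILED, user=test, ip=[::ffff:72.232.183.242]
Aug 9 19:21:52 pop3d: LOGIN FAILED, user=test, ip=[::ffff:72.232.183.242]
Aug 9 19:21:57 pop3d: LOGIN FAILED, user=web, ip=[::ffff:72.232.183.242]
Aug 9 19:22:36 pop3d: LOGIN FAILED, user=test, ip=[::ffff:72.232.183.242]
Aug 9 19:22:41 pop3d: LOGIN FAILED, user=test, ip=[::ffff:72.232.183.242]
"""

# Timestamp, user name, and source address; the IPv4-mapped IPv6 prefix
# (::ffff:) is dropped so the same host is always counted under one key.
LINE_RE = re.compile(
    r"^(\w{3}\s+\d{1,2} \d\d:\d\d:\d\d) pop3d: LOGIN FAILED, "
    r"user=([^,\s]+), ip=\[(?:::ffff:)?([^\]]+)\]"
)

def detect(lines, threshold=5, interval=240, year=2008):
    """Return {ip: (trigger_time, usernames_tried)} for every source that
    reaches `threshold` failures inside a sliding `interval`-second window.
    Syslog timestamps carry no year, so `year` is supplied (assumption)."""
    window = defaultdict(deque)   # ip -> recent (timestamp, user) failures
    blocked = {}
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue              # not a pop3d login failure
        stamp, user, ip = m.groups()
        ts = datetime.strptime(f"{year} {stamp}", "%Y %b %d %H:%M:%S")
        recent = window[ip]
        recent.append((ts, user))
        # Drop failures that have aged out of the window.
        while ts - recent[0][0] > timedelta(seconds=interval):
            recent.popleft()
        if len(recent) >= threshold and ip not in blocked:
            blocked[ip] = (ts, sorted({u for _, u in recent}))
    return blocked

if __name__ == "__main__":
    for ip, (when, users) in detect(LOG.splitlines()).items():
        print(f"block {ip} at {when} (users tried: {', '.join(users)})")
```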
Whois 72.232.183.242, you might ask?
Why, it is the crappy dedicated server provider Layeredtech.
OrgName: Layered Technologies, Inc.
OrgID: LAYER-3
Address: 5085 W Park Blvd
Address: Suite 700
City: Plano
StateProv: TX
PostalCode: 75093
Country: US
Written by admin on August 10th, 2008 with comments disabled.
