The 3Com SuperStack 3 4400 layer 2 switch in our Hong Kong office has been sending me floods of alert emails,
"From device 3Com SuperStack 3 (IP address of this switch)
Authentication Failure"
We have had a few episodes of automated attacks being logged on our Exchange FE server, but the times don't correlate with these alerts.
Also I am seeing a large number of authentication attempts and accepts on this switch. But again, these continue in periods when we are not receiving the alert emails, and being that accepts almost = attempts, these don't seem related. But this switch does show a lot more authentications than other 4400's we have.
Can anyone shed any light on these "Authentication Failure" messages?
TIA
Bob Peitzke
Colony Advisors, LLC
"From device 3Com SuperStack 3 (IP address of this switch)
Authentication Failure"
We have had a few episodes of automated attacks being logged on our Exchange FE server, but the times don't correlate with these alerts.
Also I am seeing a large number of authentication attempts and accepts on this switch. But again, these continue in periods when we are not receiving the alert emails, and being that accepts almost = attempts, these don't seem related. But this switch does show a lot more authentications than other 4400's we have.
Can anyone shed any light on these "Authentication Failure" messages?
TIA
Bob Peitzke
Colony Advisors, LLC