WARNING!!!! Possible Attack

Status
Not open for further replies.

Lidinho

Programmer
Sep 29, 2003
12
PT
Hi All,

Lately I have been getting these warnings on my server logs:

Code:
...
 WARNING!!!!  Possible Attack:
    Attempt from 12-219-159-11.client.mchsi.com [12.219.159.11] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Attempt from 62.128.48.118.static.012.net.il [62.128.48.118] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Attempt from 80.178.18.217.adsl.012.net.il [80.178.18.217] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Attempt from 87.69.46.205.cable.012.net.il [87.69.46.205] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Attempt from bzq-88-153-35-53.red.bezeqint.net [88.153.35.53] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Attempt from cbl217-132-248-104.bb.netvision.net.il [217.132.248.104] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Attempt from corellia.odessa.tv [194.140.228.10] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Attempt from ds81-30-195-107.ufanet.ru [81.30.195.107] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Attempt from host81-157-77-64.range81-157.btcentralplus.com [81.157.77.64] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Attempt from host81-158-214-22.range81-158.btcentralplus.com [81.158.214.22] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Attempt from pool-72-93-1-73.bstnma.east.verizon.net [72.93.1.73] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Attempt from static-ip-217-87-56-61.rev.dyxnet.com [61.56.87.217] with:
       command=HELO/EHLO, count=3: 1 Time(s)
 	Total:  12 Time(s)
...

I would highly appreciate it if someone could assist me in troubleshooting these messages.

I am running Fedora Core 4 on this server.

Thanks,
Lidinho
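
Added example, not part of the original thread: a small parser for the report layout quoted in the post above. It tallies attempts per /24 network and per command and checks them against the Total line. The sample input is constructed and uses documentation addresses; the function names and the /24 grouping are illustrative choices.

```python
import re
from collections import Counter

# Constructed sample in the same layout as the report above; the addresses are
# documentation ranges (RFC 5737), not hosts from the original post.
SAMPLE = """\
 WARNING!!!!  Possible Attack:
    Attempt from host-a.example.net [192.0.2.10] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Attempt from host-b.example.net [192.0.2.77] with:
       command=HELO/EHLO, count=3: 2 Time(s)
    Attempt from mail.example.org [198.51.100.5] with:
       command=HELO/EHLO, count=3: 1 Time(s)
    Total:  4 Time(s)
"""

ATTEMPT = re.compile(r"Attempt from (\S+) \[(\d{1,3}(?:\.\d{1,3}){3})\] with:")
DETAIL = re.compile(r"command=([^,\s]+), count=(\d+): (\d+) Time\(s\)")
TOTAL = re.compile(r"Total:\s+(\d+) Time\(s\)")

def parse_report(text):
    """Return (entries, reported_total) from a 'Possible Attack' section."""
    entries, current, total = [], None, None
    for line in text.splitlines():
        if m := ATTEMPT.search(line):
            # First line of an entry: reverse-DNS name and source address.
            current = {"host": m.group(1), "ip": m.group(2)}
        elif (m := DETAIL.search(line)) and current:
            # Second line: SMTP command, per-session count, occurrences.
            current.update(command=m.group(1), count=int(m.group(2)),
                           times=int(m.group(3)))
            entries.append(current)
            current = None
        elif m := TOTAL.search(line):
            total = int(m.group(1))
    return entries, total

def summarize(entries):
    """Tally occurrences per /24 network and per command."""
    by_net, by_cmd = Counter(), Counter()
    for e in entries:
        by_net[".".join(e["ip"].split(".")[:3]) + ".0/24"] += e["times"]
        by_cmd[e["command"]] += e["times"]
    return by_net, by_cmd

if __name__ == "__main__":
    entries, total = parse_report(SAMPLE)
    by_net, by_cmd = summarize(entries)
    assert total == sum(e["times"] for e in entries)  # section parsed fully
    for net, n in by_net.most_common():
        print(f"{net:18} {n}")
```

A mismatch between the Total line and the summed entries means the pasted section was truncated or a line did not match the expected layout.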
 
Thanks Ken,

Will have a look

Thanks,
Lidinho
 
Hi All,

I have been monitoring the logs, and have been sending abuse reports to the relevant ISPs.

Can someone point me in the right direction with regard to using SELinux efficiently?

Thanks,
Lidinho
 