Breed's Blog: Log review

Was reviewing my logs this morning and found several interesting messages in the log files. Plus a lot of e-mail from my router with it's logs. I had a lot of attempts to send mail through my mail server. All comming from the same IP address. All failures to get verified. It looks like it was a plain name attack, probably user name password user name attack.

Did an ARIN who is search on the IP address. Pretty blatant on who the IP address is registered to.

Xspedius needs to secure their servers it looks like or should I say Time Warner according to their web page.

http://www.xspedius.com/

Search results for: 199.227.101.138

Xspedius Communications Co. ESPIRE-11BLK (NET-199-227-0-0-1)
                                 199.227.0.0 - 199.227.255.255
Hacker, Johnson and Smith HACKER-200507121536883 (NET-199-227-101-136-1)
                                 199.227.101.136 - 199.227.101.143

# ARIN WHOIS database, last updated 2007-05-29 19:10
# Enter ? for additional hints on searching ARIN's WHOIS database.

Breed's Blog

Wednesday, May 30, 2007

Log review

0 Comments:

Links to this post:

Previous Posts