Log report is reporting a lot of these lately.. following is just a
short snippet from the beginning on one server.
WARNING!!!!
Possible Attack:
Attempt from 104.29.broadband2.iol.cz [83.208.29.104] with:
command=HELO/EHLO, count=3 : 1 Time(s)
Attempt from 106.7.broadband7.iol.cz [88.102.7.106] with:
command=HELO/EHLO, count=3 : 1 Time(s)
Attempt from 106.74.broadband5.iol.cz [88.100.74.106] with:
command=HELO/EHLO, count=3 : 1 Time(s)
Attempt from 126.239.broadband7.iol.cz [88.102.239.126] with:
command=HELO/EHLO, count=3 : 1 Time(s)
Attempt from 144.Red-80-34-151.staticIP.rima-tde.net [80.34.151.144]
with:
command=HELO/EHLO, count=3 : 1 Time(s)
Could anyone expand on what these folks are actually doing? And if I
should be concerned?
This is happening on both my CentOS 3 and 4 systems, all running Sendmail.
Thanks,
John Hinton
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos