Displaying 20 results from an estimated 9000 matches similar to: "Dovecot attack"
2007 Oct 25
2
FW: Logwatch for XXXXXXX.kd4efm.org (Linux)
Found an error or two from my logwatch report from yesterday,
thought I would share this in hopes this is just first time
run of the problem I noticed in the Kernel report section...
Also not sure why there's an issue with automount either....
but I guess I could ask on that issue as well.
I am not worried about the NAMED error, this is something that
happens due to one of the services that
2011 Apr 29
1
Can somebody explay the here down message lines from server Centos 5.6
**Unmatched Entries**
gdm[5342]: pam_succeed_if(gdm:auth): error retrieving information about user
gdm[5342]: pam_succeed_if(gdm:auth): error retrieving information about user
gdm[5342]: pam_succeed_if(gdm:auth): error retrieving information about user
9 gdm[5342]: pam_succeed_if(gdm:auth): error retrieving information about
user gdm[5342]: pam_succeed_if(gdm:auth): error retrieving
2010 Aug 24
3
PAM_shield locking me out?
Yesterday I installed pam_shield and followed the testing suggested and
thought all was well.
today I find that I cannot get to my email account, I can login via ssh
okay (uses keys) but su and sudo give
segmentation faults. I am guessing due to the pam module causing a problem.
As I cannot do remote login as root and sudo and su use pam I appear to
have locked myself out.
Any words of wisdom
2011 Sep 09
2
Attacking Dovecot
Hello,
I am using Dovecot ver.1.0.7 on an x86 server with RedHat Linux Enterprise 5
and the following configuration:
# 1.0.7: /etc/dovecot.conf
protocols: pop3
login_dir: /var/run/dovecot/login
login_executable: /usr/libexec/dovecot/pop3-login
mail_location: mbox:~/mail:INBOX=/var/mail/%u
mail_executable: /usr/libexec/dovecot/pop3
mail_plugin_dir: /usr/lib/dovecot/pop3
2010 Aug 29
1
Ignorant question on pam_shield
I've seen pam_shield recommended several times
for protecting against malicious login attempts;
but I'm not quite clear if this requires one
to be already running some pam-based software?
Also, I'm running shorewall,
and would prefer a shorewall based protection,
but the advice I read on googling for this
seemed excessively complicated.
--
Timothy Murphy
e-mail: gayleard /at/
2014 Nov 20
2
logwatch reporting
I just launched a new mailserver that is using dovecot. My previous
mailserver used courier-mail. I am expecting better things with this
new server, but I was use to some login information in logwatch that I
am not seeing now. For example I would get:
[IMAPd] Logout stats:
====================
User | Logouts | Downloaded | Mbox Size
2011 Jan 07
3
When are Logwatch errors really errors
Hi All,
I don't know enough about when errors are *really* errors. So I google a lot to read and learn.
I have a few things in my Logwatch that I want to make sure I understand
1. smartd
**Unmatched Entries**
Problem creating device name scan list
Device /dev/sda: using '-d sat' for ATA disk behind SAT layer.
Device /dev/sdb: using '-d sat' for ATA disk behind SAT layer.
2006 Feb 21
1
OT Proftpd Continued
Below is a cut and past from my log files that are sent to me. This is
from the last day that proftpd worked correctly. I'm not sure why
proftpd was restarted as the log states:
################### LogWatch 5.2.2 (06/23/04) ####################
Processing Initiated: Sun Feb 19 09:02:02 2006
Date Range Processed: yesterday
Detail Level of Output: 0
Logfiles
2012 Apr 07
1
rhel/centos alternative to logwatch?
Logwatch file shows last upgrade to the code was 2007.
The unmatched entries are killing me in the reports.
I figure there must be a newer utility centos has in the repo but I
cannot find one.
Is logwatch the only one that is included?
thanks
2011 Feb 28
1
Logwatch reporting spamassassin messages as unmatched entries
I've recently switched to using spamassassin via a sendmail milter,
rather than using procmail to invoke it. This means that I get a number
of messages appearing in my maillog, and then being reported by logwatch
as unmatched entries.
An example of such a messages is:
Feb 27 04:33:09 quail sendmail[24780]: p1R4X46P024780[2]: URIBL blacklist\n\t* [URIs: tablettoxicspillsrx.ru]\n\t* 1.5
2005 Nov 26
2
rdnc error
Hello,
I noticed in my logwatch file I have an error with my rndc key. I could
'play' around with it and may fix it but most likey just hose things up. I
think I see the problem but not 100% sure. I think the key file has 3
different names.
Here's the error:
**Unmatched Entries**
/etc/named.conf:23: couldn't find key 'rndckey' for use with command
channel
2013 Mar 14
3
Dovecot error wuth MySQL
Hello PeopleCan anybody help me?My scenario:- One computer with:a)
postfix-2.6.6-2.2.el6_1.x86_64b) mysql-5.1.66-2.el6_3.x86_64c)
dovecot-2.0.9-2.el6_1.1.x86_64d) dovecot-mysql-2.0.9-2.el6_1.1.x86_64Postfix
and Dovecot auth over MySQLThe Problem:- logwatch show me: Dovecot
disconnects: auth failed, 1 attempts: 1 Time(s) in IDLE: 2 Time(s)
no auth attempts: 6 Time(s) no reason: 6
2013 Jan 18
2
Smartd Warning in logwatch report
I updated the machine that I use for a web/email server last night to 5.9, and I
have this in the logwatch report this morning:
QUOTE:
--------------------- Smartd Begin ------------------------
Warnings:
Device: /dev/sda [SAT], WARNING: There are known problems with these
drives, - 1 Time(s)
**Unmatched Entries**
smartd 5.42 2011-10-20 r3458 [x86_64-linux-2.6.18-348.el5] (local
2009 Feb 19
1
limiting authentication failures
In my log files I occasionally get a huge number of Dovecot authentication
failures (see clip below).
I wanted to know if there's a way to limit the number of times an IP address
can attempt to authenticate, if there's a way to have a timeout between
attempted authentications, or if there is a way to limit authentication
attempts by a specific username within a certain period of time.
2017 May 03
1
dovecot log shows: service=imap ... Error: Temp file creation to /tmp/dovecot.imap. failed: No such directory
I am using dovecot 2.2 with plesk 12 and I have made no modifications to the dovecot config.
Logwatch reports the messages below.
The errors don't seem to appear for every imap connect as can be seen from the number of deliveries and successful logins.
So what makes dovecot fail sometimes to create the /tmp/dovecot.imap?
Dovecot Deliveries: 19
Dovecot IMAP and POP3 Successful Logins: 106
2006 Sep 22
1
ssh login through AD solution
Thanks to Anthony Ciarochi at Centeris for this solution.
I have a Centos (Red Hat-based) server that is now accessible to AD users
AND local users via ssh. I can control which AD groups can login using the
syntax below. Red Hat-based distros use "pam_stack" in pam.d which is quite
different than Debian's "include" based pam.d,
cat /etc/pam.d/sshd
#
2010 Sep 08
4
Interpreting logwatch
Every few days I see in the logwatch on my Centos-5.5 web-server
what seems like a rather feeble break-in attempt.
Eg today I see
---------------------------
403 Forbidden
/phpMyAdmin/scripts/setup.php: 2 Time(s)
/phpmyadmin/scripts/setup.php: 2 Time(s)
404 Not Found
/PMA2005/scripts/setup.php: 1 Time(s)
/TRAD_files/datestamp.js: 1 Time(s)
...
2011 Aug 19
3
Fedora and CentOS no longer on speaking terms
I have just upgraded my server from CentOS 5 to CentOS 6 and am having
connectivity problems. My laptop runs Fedora 14, and I have been in the habit
of mounting data partitions on my server by fstab entries. Since the update
I've not been able to do that. On watching the messages during a reboot I saw
a statement that the connection was denied by the server (where are those
messages
2007 Oct 02
3
Logwatch for postfix
On CentOS5 with the latest updates applied, the logwatch filter for
postfix returns way too many lines from the log. I get an "unmatched
entries" message and all messages that have gone through the system is
listed.
Here is an example:
8F930A8092: to=<morten at foo.bar>, orig_to=<morten at localhost>,
relay=local, delay=0.19, delays=0.06/0.01/0/0.12, dsn=2.0.0,
2015 May 11
2
ldap host attribute is ignored
one more thing: firewalld service and selinux are deactivated.
On 05/11/2015 07:06 PM, Ulrich Hiller wrote:
> Hmmm...., i have made now a complete new install but the problem
> persists: ldap authentication works, but the host attribute is ignored.
>
> I have installed CentOS7 64bit with KDE.
> I did not do any 'yum update' or install of extra packages so far.
>
>