random usernames in attempts to break in to my machine?
This isn't really debian-specific, but I don't know a better place to
ask... recently, I've been having servers make a large number of
attempts to access my mail host using what appear to be random strings
as usernames -- it looks like this:
Apr 4 03:04:30 snowball saslauthd[1179]: pam_unix(:auth): check pass; user unknown
Apr 4 03:04:30 snowball saslauthd[1179]: pam_unix(:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
Apr 4 03:04:33 snowball saslauthd[1179]: : auth failure: [user=1b391vovbh.fsf@pfeifferfamily.net] [service=] [realm=] [mech=pam] [reason=PAM auth error]
They all have the same form: <something random>.fsf@pfeifferfamily.net
I'm trying to understand the point; it's not like there's any chance any
of those usernames will be valid. This isn't they usual attempts using
usernames like root, admin, test1, scan... those I understand.
So, anybody have any ideas what's up here?
Reply to: