Support Home Communities Home   Search Today's Posts Mark Forums Read

 
 
LinkBack Thread Tools Display Modes
Prev Previous Post   Next Post Next
  #1  
Old 30-Aug-2007, 09:41 AM
Barry Akin
NNTP User
  
Posts: n/a
Default Weird info in POA logs
GW 7.0.2 HP2 Rev 1
NetWare 6.5.6
GroupWise set to High security


I was checking my POA log and noticed three of my accounts showing a Login
via GWIA/Pop with an ip address from China multiple times an hour or day.
The log is as follows (I have removed the Id):

19:06:32 300 C/S Login GWIA/Pop ::GW Id=XXXXXX :: 123.112.128.52
[192.168.100.21]
19:07:22 300 C/S Login GWIA/Pop ::GW Id=XXXXX :: 123.112.128.52
[192.168.100.21]
19:09:57 300 C/S Login GWIA/Pop ::GW Id=XXXXXXXX :: 123.112.128.52
[192.168.100.21]

I'm also seeing the same activity from another China based ipaddress of
58.240.104.3

The 192.168.100.21 is the internal address of my GroupWise box. I had all of
the accounts change their passwords and yet I'm still seeing this in the
logs. Is there someway that someone could be getting into the accounts
without knowing the password?

B.
Reply With Quote
 

« Previous Thread | Next Thread »
Thread Tools
Display Modes
Threaded Mode Threaded Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are Off
[IMG] code is Off
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On


All times are GMT -6. The time now is 04:05 AM.
Contact Us - NOVELL FORUMS - Archive - Privacy Statement - Top

© 2007 Novell, Inc. All Rights Reserved.

Search Engine Friendly URLs by vBSEO 3.3.0 RC2