Occasionally my POP3 server gets barraged by attempts to find a valid
userid/password combo to allow for authenticated SMTP relay (which is
interesting, because we don't even have a mail server listening on port 25 on
that server). Today's list was interesting. The only real "people" names they
attempted were:

matt
john
peter

They also checked for things like:

admin
administrator
webmaster
info
web
backup

And I think perhaps their user list and password list is one and the same,
because I got these as login attempts

passwd
password
12345
123456
54321
12345678
123

When I notice these, I always just add the IP address of the offender into my
"block" list at the firewall. I just didn't feel that today's list was really
trying that hard!

--
Danita
Novell Knowledge Partner
Moving GroupWise to Linux?
http://www.caledonia.net/gwmove.html