hello all,
looking in the poa-logs, I find the following strange behavior:
normally a user activity is logged as follows:
0922poa.051:14:53:53 576 C/S Login WebAccess ::GW Id=user ::
999.888.777.666 [11.22.33.44]
where 999.888.777.666 is the ip address of the user,
11.22.33.43[11.22.33.44] are the ips of our gw-mailserver

but what's that:
0923poa.001:01:33:02 136 C/S Login Linux ::GW Id=user ::
11.22.33.43[11.22.33.44]
:::::::
0923poa.001:01:33:05 136 C/S Login Linux ::GW Id=user ::
11.22.33.43[11.22.33.44]
..................lots of such entries...
is it an hacking attack???
thanks for answering
--
Hermann