Re: event id 13004

Fri, 30 Nov 2001 11:43:23 -0800

Here's the info on the block of IPs this is in - in case it helps.  Perhaps their IP admin can help track down the IP.
--------------
     Concentric Network Corporation (NETBLK-CONCENTRIC-BLK6)
        1400 Parkmoor Avenue
        San Jose, CA  95126-3429
        US

        Netname: CONCENTRIC-BLK6
        Netblock: 65.104.0.0 - 65.107.255.255
        Maintainer: CRC

        Coordinator:
           DNS and IP ADMIN  (DIA-ORG-ARIN)  [EMAIL PROTECTED]
           (408) 817-2800
     Fax- - - (408) 817-2630

        Domain System inverse mapping provided by:

        NAMESERVER1.CONCENTRIC.NET   207.155.183.73
        NAMESERVER2.CONCENTRIC.NET   207.155.184.72
        NAMESERVER3.CONCENTRIC.NET   206.173.119.72
        NAMESERVER.CONCENTRIC.NET    207.155.183.72

        ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE

        Record last updated on 26-Sep-2001.
        Database last updated on  29-Nov-2001 19:56:47 EDT.

Don Ely wrote:

 Have you checked this article out?

http://support.microsoft.com/directory/article.asp?ID=KB;EN-US;Q220905
 
 

So you know where that IP is coming from?  Remote user? 
  "There is nothing to fear but fear itself." -Franklin D. Roosevelt

-----Original Message-----
From: Allen Crawford [mailto:[EMAIL PROTECTED]]
Sent: Thursday, November 29, 2001 7:01 AM
To: MS-Exchange Admin Issues
Subject: event id 13004
 
A friend of mine has the following error on his Exchange 5.5 Server.  Is this the work of one of the worms out there or a hacker or neither?  Also, is there an easy way to block this IP on the Exchange Server?
 
 

Event ID: 13004

Source: MSExchange POP3

Logon attempt from 65.104.120.212 has failed: AcceptSecurityContext() call failed with error Access denied.
List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm

List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm
List Charter and FAQ at:
http://www.sunbelt-software.com/exchange_list_charter.htm

"WorldSecure Server <safeway.com>" made the following
annotations on 11/30/01 12:42:12
------------------------------------------------------------------------------
Warning:
All e-mail sent to this address will be received by the Safeway corporate e-mail system, and is subject to archival and review by someone other than the recipient. This e-mail may contain information proprietary to Safeway and is intended only for the use of the intended recipient(s). If the reader of this message is not the intended recipient(s), you are notified that you have received this message in error and that any review, dissemination, distribution or copying of this message is strictly prohibited. If you have received this message in error, please notify the sender immediately.


==============================================================================

Reply via email to