Re: [SOGo] SOGoWebAuthenticator, wrong passwords
On 03/21/2018 02:09 PM, Christian Mack (christian.m...@uni-konstanz.de) wrote: Someone is trying to authenticate with an invalid user password pair. We have those too. It is always a base64 encoded string. I read somewhere, that the big chinese firewall is using such strings to test services with encrypted communication. Not sure if that is true, but we get those all the time. Nothing to worry about. Good, thanks! MJ -- users@sogo.nu https://inverse.ca/sogo/lists
Re: [SOGo] SOGoWebAuthenticator, wrong passwords
Am 20.03.2018 um 10:33 schrieb lists (li...@merit.unu.edu): > Hi, > > We are getting log lines like this: > >> <158>1 2018-03-20T10:17:49.544178+01:00 sogoserver sogo - - Mar 20 >> 10:17:45 sogod [28582]: <0x0x7fbcb177c880[SOGoWebAuthenticator]> tried >> wrong password for user >> 'ZawE0cMY4hOVWGhBgt/ycpig2IavEcsEme1EYTs/cd/HOQOWgHmO/00WKsUyK0nfiR/gYKnhjMDavlYVTZjgKvYkwHj0bisq5F9JbiPmN1Y04wFbgUC/TBTZJLphMeSVqL7WXKipUSxb71mlYYDVe8F5Tpr3/77PLlsEM9bg=='! >> > > The above is just a sample, there are more lines like that, but with > different strings. > > Could anyone explain what that means? > > As you can perhaps guess, this is not a username on our systems. > > (this is sogo 2.3.23 on wheezy) > Someone is trying to authenticate with an invalid user password pair. We have those too. It is always a base64 encoded string. I read somewhere, that the big chinese firewall is using such strings to test services with encrypted communication. Not sure if that is true, but we get those all the time. Nothing to worry about. Kind regards, Christian Mack -- Christian Mack Universität Konstanz Kommunikations-, Informations-, Medienzentrum (KIM) Abteilung Basisdienste 78457 Konstanz +49 7531 88-4416 smime.p7s Description: S/MIME Cryptographic Signature
[SOGo] SOGoWebAuthenticator, wrong passwords
Hi, We are getting log lines like this: <158>1 2018-03-20T10:17:49.544178+01:00 sogoserver sogo - - Mar 20 10:17:45 sogod [28582]: <0x0x7fbcb177c880[SOGoWebAuthenticator]> tried wrong password for user 'ZawE0cMY4hOVWGhBgt/ycpig2IavEcsEme1EYTs/cd/HOQOWgHmO/00WKsUyK0nfiR/gYKnhjMDavlYVTZjgKvYkwHj0bisq5F9JbiPmN1Y04wFbgUC/TBTZJLphMeSVqL7WXKipUSxb71mlYYDVe8F5Tpr3/77PLlsEM9bg=='! The above is just a sample, there are more lines like that, but with different strings. Could anyone explain what that means? As you can perhaps guess, this is not a username on our systems. (this is sogo 2.3.23 on wheezy) MJ -- users@sogo.nu https://inverse.ca/sogo/lists
