On Tuesday 12 April 2005 01:52 pm, DAve wrote:
> I have recorded a AOL ip attempting to connect to a users pop account,
> this user having experienced missing email for the last two months. The
> attempts showed up when I changed the users simple password to a better
> one.

are you sure it's not just the user? :)  Or perhaps a friend of the user, who 
let your user use his or her computer, and set up the account in OE or 

> No answer from AOL at their [EMAIL PROTECTED] account concerning my
> inquires and log samples. I'm being told by an ex AOL employee that they
> will not provide any details of the user attempting to hack the pop
> account.

of course not, especially for something this petty.

> Any suggestions? How would other admins handle this? FBI? CERT? I do
> know that AOL will delete the records tonight so anything I do must
> happen soon or the information will be lost forever.

I highly doubt anything bad is going on... and even if there is.. I highly 
doubt the FBI would do anything about it.  Change the user's password to one 
that isn't blatantly stupid, and problem is solved.


Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc.
    [EMAIL PROTECTED] ++ inter7.com ++ 866.528.3530 ++ 815.776.9465 int'l
      kitchen @ #qmail #gentoo on EFnet IRC ++ scriptkitchen.com/qmail
         GnuPG Key ID: 481BF7E2 ++ jabber:[EMAIL PROTECTED]

Attachment: pgpWJrFUrQaGo.pgp
Description: PGP signature

Reply via email to