Software602 Home . products . download . support . register . how to buy . . view cart . . . contact us . . . .
Software602 Home . . . . . .
. .
.
.
Software602 Login
E-mail:
Password:
forgot?
.
Support Home .
.
User Forum .
.
Knowledge Base .
.
Submit Ticket .
.
View My Tickets .
.
. .
.
602LAN SUITE 2004 User Forumforum home | rss | search | terms of use
BackBack to 602LAN SUITE 2004 Forum
Add New TopicAdd New Topic
Post ReplyPost Reply
Mail Hacking
  Posted by  Scott Franson  on Monday, August 28, 2006 at 8:34:41 AM (EST)
The last couple of days I've seen an increase with someone trying to get into an Admin mail account, which there is none. Here's part of the log:
2:36:52 AM FTP: 1476 140.115.23.1 Connection has arrived.
2:36:52 AM FTP: Bad Mail602 password for user Administrator
2:36:52 AM FTP: 1476 Connection closed.
2:36:53 AM FTP: 1564 140.115.23.1 Connection has arrived.
2:36:53 AM FTP: Bad Mail602 password for user Administrator
2:36:53 AM FTP: 1564 Connection closed.
2:36:53 AM FTP: 1496 140.115.23.1 Connection has arrived.
2:36:54 AM FTP: Bad Mail602 password for user Administrator
2:36:54 AM FTP: 1496 Connection closed.
2:36:54 AM FTP: 1544 140.115.23.1 Connection has arrived.
2:36:55 AM FTP: Bad Mail602 password for user Administrator
2:36:55 AM FTP: 1544 Connection closed.
2:36:55 AM FTP: 1572 140.115.23.1 Connection has arrived.
2:36:56 AM FTP: Bad Mail602 password for user Administrator
2:36:56 AM FTP: 1572 Connection closed.

They have tried with user names of Administrator, Admin, Guest, User and so on.

Is there a way to block that IP address when I see this happening? If so, could someone explain how to do this. I've tried to do it at the Firewall in LanSuite on ports 21, 80, & 25, but it does not work or I've forgotten to do something.

I've also got problems with web mail. When a message is checked and then you try to delete it, we get the error:
Unhandled Exception: Cannot create file E:\Software602\602LAN SUITE\WWWCLNT\3071129B.tmp\NewMsg\NewMsg.ini
This happens in all accounts.

Thanks for any help.
  Posted by Robert Smith  on Monday, August 28, 2006 at 10:09:45 AM (EST)
You could add 140.115.23.1 to the firewall. Try this tip:

https://secure.software602.com/kb/view.aspx?articleID=937

All you'd need to do is follow the second part except modify the SMTP rule rather than the WWW rule.


  Posted by Scott Franson  on Monday, August 28, 2006 at 2:21:28 PM (EST)
I've tried that for FTP, SMTP, and WWW, with no luck.
BackBack to 602LAN SUITE 2004 Forum
Add New TopicAdd New Topic
Post ReplyPost Reply
.
. . .
.
  © 2009 Software602, Inc. All rights reserved.