13 Jul
2012
13 Jul
'12
5:21 a.m.
Quoting Russell Coker (russell@coker.com.au):
If they did make lots of connections then I would have noticed. The number of login errors etc didn't increase much.
If you're saying they guessed your SMTP auth credentials without very many connection attempts, maybe you ought to be trying to figure out _how_ they arrived at the right solution so quickly. I'd love to help figure that out, but lack the raw data.
If they had some better way of gaining access then they would have done something more useful than send out spam from the test account.
Oh, I wouldn't be so sure. Many security breakins are not only not very intelligent but in fact are run by completely automated (and necessarily single-minded) processes.