EPIC FAIL:
To: drunkentech@gmail.com
From: Mail Administrator <Postmaster@rrsecurity-abuse.com>
Reply-To: <Postmaster@rrsecurity-abuse.com>
Subject: Mail System Error - Returned Mail
Date: Fri, 21 Nov 2008 15:33:28 -0500
This Message was undeliverable due to the following reason:
The user(s) account is temporarily over quota.
<abuse-desk@rrsecurity-abuse.com>
Please reply to <Postmaster@rrsecurity-abuse.com> if you feel this message to be in error.
–===========================_ _= 8772888(331)1227299608
Content-Type: message/delivery-status
Reporting-MTA: dns; rrcs-fep-03.hrndva.rr.com
Arrival-Date: Fri, 21 Nov 2008 15:33:28 -0500
Received-From-MTA: dns; rrcs-mgw-02b.hrndva.rr.com (172.28.193.155)
Final-Recipient: RFC822; <abuse-desk@rrsecurity-abuse.com>
Action: failed
Status: 4.2.2
From: Ian <drunkentech@drunkentech.com>
To: abuse-desk@rrsecurity-abuse.com
Subject: Contact Us
Date: Fri, 21 Nov 2008 12:33:22 -0800
I’ve had an intrusion attempt from a customer on your network.
Nov 21 12:26:15 fatmac com.apple.SecurityServer[26]: getpwnam() failed for user laura, creating invalid credential
Nov 21 12:26:15: — last message repeated 1 time —
Nov 21 12:26:15 fatmac com.apple.SecurityServer[26]: Failed to authorize right system.login.tty by client /usr/sbin/sshd for authorization created by /usr/sbin/sshd.
Nov 21 12:26:15 fatmac sshd[131]: error: PAM: Authentication failure for illegal user laura from rrcs-97-76-164-202.se.biz.rr.com
Nov 21 12:26:15 fatmac sshd[131]: Failed keyboard-interactive/pam for invalid user laura from 97.76.164.202 port 43476 ssh2
Thanks for addressing this problem with your affected customer.
——————————————
Ian, The DrunkenTech
drunkentech@drunkentech.com