HIDS 171002

From Atomicorp Wiki
Revision as of 11:56, 14 December 2017 by Scott (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search
Rule 171002
Status Active
Alert Message Exim authentication failure

Contents

Description

This means that an application on the system has reported to ASL that a user has failed to authenticate to the Exim mail server.

You should investigate this event as it may be part of a broader attack.


Troubleshooting

False Positives

No false positives are known to exist for this. The event is not caused by ASL, but rather the application reports to ASL that it has experienced an authentication failure for a user. If your application is incorrectly reporting this, please report the issue to the application vendor. If ASL is incorrectly reporting an event, that is the application is not authentication failures, please let us know.

Additional Information

Similar Rules

Knowledge Base Articles

None.

Retrieved from "https://wiki.atomicorp.com/wiki/index.php?title=HIDS_171002&oldid=5892"
Personal tools