Hacked imap?
Someone was working at getting root access to my server last night. The same IP listed in the logwatch SSH section is also listed in the Service Imap (see log). Looks like they had no luck with SSH but I'm not sure about the imap entry. Any ideas?

--------------------- Connections (secure-log) Begin ------------------------
Connections:
Service imap:
127.0.0.1: 217 Time(s)
167.216.252.51: 1 Time(s)
---------------------- Connections (secure-log) End -------------------------
--------------------- SSHD Begin ------------------------
Failed logins from these:
adm/password from 167.216.252.51: 1 Time(s)
backup/password from 167.216.252.51: 1 Time(s)
bd3rst62/password from 167.216.252.51: 1 Time(s)
bin/password from 167.216.252.51: 1 Time(s)
deamon/password from 167.216.252.51: 1 Time(s)
root/password from 167.216.252.51: 1 Time(s)
**Unmatched Entries**
Illegal user zZyYxXwW from 167.216.252.51
Illegal user backup from 167.216.252.51
Illegal user bd3rst62 from 167.216.252.51
Illegal user deamon from 167.216.252.51
---------------------- SSHD End -------------------------