brute force from private IP 192.168.2.33

brute force from private IP 192.168.2.33

I’m getting a ton of brute force failed login attempts, but what’s strange is that the reported IP is from a private 192.168.x.x IP address. What would that signify?

Here’s one entry directly from the log:
192.168.2.33 data 1 exim1 2012-11-10 15:16:35 login authenticator failed for ([192.168.2.33]) [50.121.152.110]: 535 Incorrect authentication data (set_id=data)

Should I just add to the skip list?
Any guidance is appreciated.

Comments are closed.