![]() I verified that there were no messages sent on my behalf.Just in case the same happens to you, here is what I did to deal with the situation: The perception of being intruded upon, whether it’s real or just a scare, is definitely not pleasant. However a lookup has always shown the questionable IP to belong to them.ĭo any of these services intentionally use the server with IP 173.203.211.51? Since I’m not the only one who suspects a violation from this IP, it would be interesting to hear what Slicehost has to say about it? Perhaps they know if it’s a legitimate or illegitimate use of their server. It’s worth mentioning that in the past Etacts had scared the crap out of me with their American IP showing up in the recent activity list. Etacts (a few weeks before the intrusion).Zoho Discussions (24 hours before the suspected intrusion happened).I’m not pointing fingers here, nor accusing anyone, but it is interesting to find such an occurence happening so shortly after granting the aforementioned authorizations. Using 1Password I’m even immune to the so-called “tab napping” attacks.Īssuming that this is not a misunderstanding and some SaaS application I authorized is not in fact using that server to perform a legitimate action, I think it’s likely that someone managed to get in through a vulnerability or backdoor in one such application. I use a Mac and am very cautious about what I install, so I doubt I have a keylogger installed or anything of that nature. I haven’t used my laptop on an unsecured WiFi. ![]() Was my account hacked into? I have a hard time believing that someone actually managed to login by guessing my password which was as secure as a password can be. To make things more interesting, I found two people ( one German, one Japanese) complaining online about the same IP address and IMAP access to their Gmail accounts. It turns out that it’s the IP of a server hosted by Slicehost (RackSpace), but I couldn’t find any website running on that IP address (173.203.211.51). So did someone manage to access my account? Or was it a web application that I authorized? Before panicking, I decided to look into whatever information I could gather about that IP. The following screenshot shows the recent activity on my account (with some information blanked out): ![]() In fact, tonight during a routine check, I discovered an unwelcome surprise: an entry that didn’t belong. If you don’t check yours regularly, you should (my version of Google Apps doesn’t have this feature though). I routinely check mine and the results are usually boring, reminding me I check my email way too often (and I do so mostly via browser, through my Canadian IP). The Gmail team recently introduced a new feature (in the footer) that enables account holders to verify the latest login activities on their account.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |