Aug 24 04:52:43 tempest portsentry[815]: attackalert: Possible stealth scan from unknown host to TCP port: 143 (accept failed)
Aug 24 04:52:43 tempest portsentry[815]: attackalert: Possible stealth scan from unknown host to TCP port: 143 (accept failed)
Aug 24 04:52:43 tempest portsentry[815]: attackalert: Possible stealth scan from unknown host to TCP port: 143 (accept failed)
Aug 24 04:57:09 tempest portsentry[815]: attackalert: Possible stealth scan from unknown host to TCP port: 143 (accept failed)

Aug 24 04:58:28 tempest stunnel[1977]: 127.0.0.1.2082 connected from 212.181.114.38:10402
Aug 24 04:58:28 tempest portsentry[815]: attackalert: Possible stealth scan from unknown host to TCP port: 143 (accept failed)
Aug 24 04:58:28 tempest last message repeated 11 times

Why do I keep getting these? What can I do to stop them? Last night my brand new Dell Server froze, is this the cause? and if so what can i do? please help

Most of the time portsentry sends out false reports.

Originally posted by Palm
Most of the time portsentry sends out false reports.

I don't know anything about portsentry, but I'm thinking that's not the best way to look at it. Presumption of problems might be beneficial here :D

True, but don't get heart attacks when ever you see heack attempts in your logs.

Check your portsentry settings and make sure that it does not freak out on port 143 (thats SSL / https traffic).

I don't think somebody would stealth-scan the same port over and over from the same IP address :)

most likely someone or soemthing tried to connect to your server using SSL and nothing replied to it... and portsentry logged it?