awskier08 Posted January 23, 2014 Share Posted January 23, 2014 Jan 22 21:26:08 Pineapple auth.info sshd[21081]: Failed password for root from 218.2.22.xxx port 3621 ssh2 Coming from china I see, but your not gonna be able to crack my password. lol Quote Link to comment Share on other sites More sharing options...
mreidiv Posted January 23, 2014 Share Posted January 23, 2014 (edited) They could be behind a proxi. Edited January 23, 2014 by mreidiv Quote Link to comment Share on other sites More sharing options...
kenwood Posted February 2, 2014 Share Posted February 2, 2014 I really wonder if it is a proxy IP address. In the last week I have seen brute force SSH attacks on port 22 from 10 different IP addresses in the 18.2.22.XXX block of addresses and 17 different addresses in the 222.186.62.XXX block of addresses. These are both Chinese blocks and it appears that it is someone that can easily change their IP address at will. Seems like an organized attack more than random script kiddies. In the past couple of weeks attacks on my server have increased by a factor of three and the increase seem to be from Chinese activity. I wonder why the sudden upsurge. Perhaps I am just lucky ;-). Quote Link to comment Share on other sites More sharing options...
yabasoya Posted February 2, 2014 Share Posted February 2, 2014 (edited) I used to get port scan alerts all the time. Usually 3 at a time on random ports from China. I use Sophos UTM9 now, it's free for home use. The only problem is that I am big into torrents and most seeds are from over there. Edited February 2, 2014 by yabasoya Quote Link to comment Share on other sites More sharing options...
barry99705 Posted February 2, 2014 Share Posted February 2, 2014 I used to get failed ssh attempts on my server all the time. I'm currently blocking Korea, China, India, Russia, Turkey, Vietnam, Ukraine, Brazil, Venezuela, and Pakistan inbound on my firewall. Failed attempts have pretty much stopped. I get a random couple every month or so, but nothing like I used to get. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.