bastards...log file inside

NYSpeed Automotive NYSpeed Off Topic
1

sshd:
Authentication Failures:
unknown (125.102.118.134): 3325 Time(s)
unknown (eiv122.internetdsl.tpnet.pl): 227 Time(s)
root (125.102.118.134): 28 Time(s)
root (eiv122.internetdsl.tpnet.pl): 27 Time(s)
tomcat (125.102.118.134): 20 Time(s)
apache (125.102.118.134): 8 Time(s)
daemon (125.102.118.134): 8 Time(s)
ftp (125.102.118.134): 8 Time(s)
games (125.102.118.134): 8 Time(s)
mail (125.102.118.134): 8 Time(s)
news (125.102.118.134): 8 Time(s)
operator (125.102.118.134): 8 Time(s)
gdm (125.102.118.134): 2 Time(s)
mail (eiv122.internetdsl.tpnet.pl): 2 Time(s)
sync (125.102.118.134): 2 Time(s)
unknown (222.66.106.2): 2 Time(s)
ftp (eiv122.internetdsl.tpnet.pl): 1 Time(s)
lp (125.102.118.134): 1 Time(s)
operator (eiv122.internetdsl.tpnet.pl): 1 Time(s)
Invalid Users:
Unknown Account: 3554 Time(s)

pam_succeed_if(sshd:auth): error retrieving information about user cyrus
reverse mapping checking getaddrinfo for sv134.nasuka.jp failed - POSSIBLE BREAK-IN ATTEMPT!
pam_succeed_if(sshd:auth): error retrieving information about user cyrus
reverse mapping checking getaddrinfo for sv134.nasuka.jp failed - POSSIBLE BREAK-IN ATTEMPT!
pam_succeed_if(sshd:auth): error retrieving information about user cyrus
reverse mapping checking getaddrinfo for sv134.nasuka.jp failed - POSSIBLE BREAK-IN ATTEMPT!
pam_succeed_if(sshd:auth): error retrieving information about user cyrus2
reverse mapping checking getaddrinfo for sv134.nasuka.jp failed - POSSIBLE BREAK-IN ATTEMPT!
pam_succeed_if(sshd:auth): error retrieving information about user test
reverse mapping checking getaddrinfo for sv134.nasuka.jp failed - POSSIBLE BREAK-IN ATTEMPT!
pam_succeed_if(sshd:auth): error retrieving information about user test
reverse mapping checking getaddrinfo for sv134.nasuka.jp failed - POSSIBLE BREAK-IN ATTEMPT!
pam_succeed_if(sshd:auth): error retrieving information about user test
reverse mapping checking getaddrinfo for sv134.nasuka.jp failed - POSSIBLE BREAK-IN ATTEMPT!

Aug 14 17:40:46 db2 sshd[14962]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
rhost=218.
247.185.222
Aug 14 17:40:46 db2 sshd[14962]: pam_succeed_if(sshd:auth): error retrieving information about user test
Aug 14 17:40:48 db2 sshd[14962]: Failed password for invalid user test from 218.247.185.222 port 34032 ssh2
Aug 14 21:40:48 db2 sshd[14963]: Failed password for invalid user test from 218.247.185.222 port 34032 ssh2
Aug 14 21:40:48 db2 sshd[14963]: Received disconnect from 218.247.185.222: 11: Bye Bye
Aug 14 17:40:51 db2 sshd[14964]: Invalid user guest from 218.247.185.222
Aug 14 21:40:51 db2 sshd[14965]: input_userauth_request: invalid user guest
Aug 14 17:40:51 db2 sshd[14964]: pam_unix(sshd:auth): check pass; user unknown
Aug 14 17:40:51 db2 sshd[14964]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
rhost=218.
247.185.222
Aug 14 17:40:51 db2 sshd[14964]: pam_succeed_if(sshd:auth): error retrieving information about user guest
Aug 14 17:40:53 db2 sshd[14964]: Failed password for invalid user guest from 218.247.185.222 port 34152 ssh2
Aug 14 21:40:53 db2 sshd[14965]: Failed password for invalid user guest from 218.247.185.222 port 34152 ssh2
Aug 14 21:40:53 db2 sshd[14965]: Received disconnect from 218.247.185.222: 11: Bye Bye
Aug 14 17:40:56 db2 sshd[14967]: Invalid user admin from 218.247.185.222
Aug 14 21:40:56 db2 sshd[14968]: input_userauth_request: invalid user admin
Aug 14 17:40:56 db2 sshd[14967]: pam_unix(sshd:auth): check pass; user unknown
Aug 14 17:40:56 db2 sshd[14967]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser=
rhost=218.
247.185.222
Aug 14 17:40:56 db2 sshd[14967]: pam_succeed_if(sshd:auth): error retrieving information about user admin
Aug 14 17:40:58 db2 sshd[14967]: Failed password for invalid user admin from 218.247.185.222 port 34273 ssh2
Aug 14 21:40:58 db2 sshd[14968]: Failed password for invalid user admin from 218.247.185.222 port 34273 ssh2

Snip its from mail log and secure log and messages…ughhh fucking people trying to bruteforce.

2

noobs… everyone knows the most commonly used passwords are:

god
sex
love
secret
password
twincamsaturn

3

Sorry about that, I was bored.

4

I only care because I left the log up and my boss happened to walk by and go we “we should automaticly blacklist these IP’s” yay new project