[nsp-sec] ACK AS3320 AW: coordinated slow ssh crack attempts II
Quick, P
P.Quick at telekom.de
Thu Sep 11 10:46:41 EDT 2008
ACK for AS3320
Forwarded to our abuse team ..
Greetings, peter
-----Ursprüngliche Nachricht-----
Von: nsp-security-bounces at puck.nether.net [mailto:nsp-security-bounces at puck.nether.net] Im Auftrag von Mike Tancsa
Gesendet: Donnerstag, 11. September 2008 16:04
An: nsp-security at puck.nether.net
Betreff: Re: [nsp-sec] coordinated slow ssh crack attempts II
----------- nsp-security Confidential --------
At 10:27 AM 9/10/2008, Mike Tancsa wrote:
>It seems the IP addresses below are part of some
>coordinated bruteforce ssh attack. The IPs
>below each try a user once or twice (example
>below IP list). It started at 0400 GMT today and is still continuing now.
Here is part 2 along with local times. Some are
repeated as they seem to use the same IP against
different hosts in our network. Sometimes at the
same time, sometimes delayed. There seems to be
about 20 different hosts involved per account and
they then change the group of 20 after that. I
guess they have quite a few hosts at their command. (examples below)
Bulk mode; whois.cymru.com [2008-09-11 13:17:11 +0000]
209 | 168.103.188.222 | 10-09-2008 08:12:33 EDT | ASN-QWEST - Qwest
1221 | 58.172.65.98 | 10-09-2008 06:20:19
EDT | ASN-TELSTRA Telstra Pty Ltd
1267 | 151.13.64.98 | 10-09-2008 05:04:59
EDT | ASN-INFOSTRADA Infostrada S.p.A.
1267 | 151.13.64.98 | 10-09-2008 06:03:52
EDT | ASN-INFOSTRADA Infostrada S.p.A.
1267 | 151.13.64.98 | 10-09-2008 06:30:10
EDT | ASN-INFOSTRADA Infostrada S.p.A.
1267 | 151.13.64.98 | 10-09-2008 08:29:57
EDT | ASN-INFOSTRADA Infostrada S.p.A.
1916 | 200.129.244.41 | 10-09-2008 05:37:24
EDT | Rede Nacional de Ensino e Pesquisa
2828 | 67.152.2.17 | 10-09-2008 06:03:49
EDT | XO-AS15 - XO Communications
2828 | 67.152.2.17 | 10-09-2008 08:53:48
EDT | XO-AS15 - XO Communications
2856 | 217.34.156.94 | 10-09-2008 06:32:35
EDT | BT-UK-AS BTnet UK Regional network
2856 | 217.34.156.94 | 10-09-2008 06:45:33
EDT | BT-UK-AS BTnet UK Regional network
3132 | 161.132.144.75 | 10-09-2008 05:14:51 EDT | Red Cientifica Peruana
3209 | 145.253.179.228 | 10-09-2008 08:56:24 EDT | Arcor IP-Network
3215 | 193.252.220.64 | 10-09-2008 08:08:29
EDT | AS3215 France Telecom - Orange
3215 | 193.252.220.64 | 10-09-2008 08:09:19
EDT | AS3215 France Telecom - Orange
3215 | 217.128.230.76 | 10-09-2008 03:26:42
EDT | AS3215 France Telecom - Orange
3215 | 80.13.67.104 | 10-09-2008 03:51:05
EDT | AS3215 France Telecom - Orange
3269 | 79.14.30.59 | 10-09-2008 03:23:38
EDT | ASN-IBSNAZ TELECOM ITALIA
3269 | 81.73.179.29 | 10-09-2008 07:10:54
EDT | ASN-IBSNAZ TELECOM ITALIA
3269 | 85.39.252.226 | 10-09-2008 04:26:27
EDT | ASN-IBSNAZ TELECOM ITALIA
3269 | 85.42.91.146 | 10-09-2008 05:55:09
EDT | ASN-IBSNAZ TELECOM ITALIA
3269 | 85.42.91.146 | 10-09-2008 06:27:14
EDT | ASN-IBSNAZ TELECOM ITALIA
3269 | 88.63.75.242 | 10-09-2008 04:13:03
EDT | ASN-IBSNAZ TELECOM ITALIA
3320 | 217.7.200.182 | 10-09-2008 05:16:54 EDT | DTAG Deutsche Telekom AG
3320 | 217.7.200.182 | 10-09-2008 08:35:55 EDT | DTAG Deutsche Telekom AG
3320 | 80.152.229.51 | 10-09-2008 04:14:20 EDT | DTAG Deutsche Telekom AG
3320 | 80.152.229.51 | 10-09-2008 05:41:33 EDT | DTAG Deutsche Telekom AG
3320 | 80.152.230.40 | 10-09-2008 05:00:42 EDT | DTAG Deutsche Telekom AG
3352 | 80.26.141.201 | 10-09-2008 00:55:15
EDT | TELEFONICA-DATA-ESPANA Internet Access Network of TDE
3352 | 80.35.196.154 | 10-09-2008 02:04:34
EDT | TELEFONICA-DATA-ESPANA Internet Access Network of TDE
3352 | 80.37.93.94 | 10-09-2008 08:27:51
EDT | TELEFONICA-DATA-ESPANA Internet Access Network of TDE
3352 | 80.37.93.94 | 10-09-2008 08:58:38
EDT | TELEFONICA-DATA-ESPANA Internet Access Network of TDE
3602 | 149.99.41.218 | 10-09-2008 03:20:59
EDT | AS3602-RTI - Rogers Telecom Inc.
4134 | 125.73.142.7 | 10-09-2008 05:33:50
EDT | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 125.73.142.7 | 10-09-2008 06:37:52
EDT | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 219.137.213.220 | 10-09-2008 05:19:35
EDT | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 219.137.213.220 | 10-09-2008 07:21:25
EDT | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 61.183.16.96 | 10-09-2008 07:36:24
EDT | CHINANET-BACKBONE No.31,Jin-rong Street
4134 | 61.183.16.96 | 10-09-2008 08:55:08
EDT | CHINANET-BACKBONE No.31,Jin-rong Street
4230 | 189.16.248.251 | 10-09-2008 03:34:35 EDT | Embratel
4230 | 189.16.248.251 | 10-09-2008 04:03:39 EDT | Embratel
4230 | 189.16.248.251 | 10-09-2008 06:33:30 EDT | Embratel
4230 | 200.183.40.66 | 10-09-2008 03:12:49 EDT | Embratel
4230 | 200.209.6.130 | 10-09-2008 03:17:14 EDT | Embratel
4230 | 200.209.6.130 | 10-09-2008 08:38:03 EDT | Embratel
4230 | 200.243.88.78 | 10-09-2008 03:26:54 EDT | Embratel
4230 | 200.248.82.130 | 10-09-2008 04:51:33 EDT | Embratel
4230 | 200.248.82.130 | 10-09-2008 05:28:25 EDT | Embratel
4230 | 200.248.82.130 | 10-09-2008 08:42:00 EDT | Embratel
4230 | 201.73.53.133 | 10-09-2008 06:13:09 EDT | Embratel
4323 | 207.250.220.196 | 10-09-2008 03:17:53
EDT | TWTC - tw telecom holdings, inc.
4323 | 207.250.220.196 | 10-09-2008 03:20:09
EDT | TWTC - tw telecom holdings, inc.
4323 | 207.250.220.196 | 10-09-2008 03:22:26
EDT | TWTC - tw telecom holdings, inc.
4323 | 207.250.220.196 | 10-09-2008 03:51:05
EDT | TWTC - tw telecom holdings, inc.
4323 | 207.250.220.196 | 10-09-2008 05:24:48
EDT | TWTC - tw telecom holdings, inc.
4323 | 207.250.220.196 | 10-09-2008 06:55:57
EDT | TWTC - tw telecom holdings, inc.
4323 | 207.250.220.196 | 10-09-2008 08:10:53
EDT | TWTC - tw telecom holdings, inc.
4323 | 207.250.220.196 | 10-09-2008 08:13:17
EDT | TWTC - tw telecom holdings, inc.
4538 | 58.196.4.98 | 10-09-2008 07:38:43
EDT | ERX-CERNET-BKB China Education and Research Network Center
4645 | 202.71.216.126 | 10-09-2008 05:56:35
EDT | ASN-HKNET-AP HKNet Co. Ltd
4766 | 220.118.229.164 | 10-09-2008 05:28:28 EDT | KIXS-AS-KR Korea Telecom
4766 | 220.118.229.164 | 10-09-2008 07:51:33 EDT | KIXS-AS-KR Korea Telecom
4766 | 220.118.229.164 | 10-09-2008 07:58:12 EDT | KIXS-AS-KR Korea Telecom
4780 | 203.70.179.113 | 10-09-2008 06:56:02
EDT | SEEDNET Digital United Inc.
4780 | 203.70.179.113 | 10-09-2008 07:02:13
EDT | SEEDNET Digital United Inc.
4780 | 203.70.179.113 | 10-09-2008 09:03:10
EDT | SEEDNET Digital United Inc.
4788 | 60.48.124.85 | 10-09-2008 06:23:02
EDT | TMNET-AS-AP TM Net, Internet Service Provider
4788 | 60.49.250.58 | 10-09-2008 03:33:01
EDT | TMNET-AS-AP TM Net, Internet Service Provider
4788 | 60.49.250.58 | 10-09-2008 03:43:03
EDT | TMNET-AS-AP TM Net, Internet Service Provider
4788 | 60.52.68.100 | 10-09-2008 05:50:05
EDT | TMNET-AS-AP TM Net, Internet Service Provider
4812 | 218.80.215.197 | 10-09-2008 05:24:55
EDT | CHINANET-SH-AP China Telecom (Group)
4812 | 218.80.215.197 | 10-09-2008 08:19:28
EDT | CHINANET-SH-AP China Telecom (Group)
4837 | 221.6.71.42 | 10-09-2008 09:04:59
EDT | CHINA169-BACKBONE CNCGROUP China169 Backbone
5390 | 212.129.216.166 | 10-09-2008 07:17:52
EDT | EURONET Orange Nederland B.V. Global AS
5390 | 85.144.133.30 | 10-09-2008 05:27:03
EDT | EURONET Orange Nederland B.V. Global AS
5432 | 194.78.221.189 | 10-09-2008 03:28:14
EDT | BELGACOM-SKYNET-AS Belgacom regional ASN
5432 | 194.78.221.189 | 10-09-2008 05:38:17
EDT | BELGACOM-SKYNET-AS Belgacom regional ASN
5432 | 81.241.231.149 | 10-09-2008 06:08:59
EDT | BELGACOM-SKYNET-AS Belgacom regional ASN
5515 | 88.195.12.108 | 10-09-2008 05:06:11
EDT | TS-FINLAND-DATANET-OLD TS Finland DataNet
5578 | 212.81.23.56 | 10-09-2008 05:36:13
EDT | GTS-SK-AS GTS Nextra a.s.
5578 | 212.81.23.56 | 10-09-2008 07:37:18
EDT | GTS-SK-AS GTS Nextra a.s.
5617 | 83.15.142.18 | 10-09-2008 07:22:09
EDT | TPNET Polish Telecom_s commercial IP network
5617 | 83.16.54.146 | 10-09-2008 04:33:31
EDT | TPNET Polish Telecom_s commercial IP network
5617 | 83.17.95.10 | 10-09-2008 04:09:13
EDT | TPNET Polish Telecom_s commercial IP network
6140 | 201.234.172.197 | 10-09-2008 07:25:06
EDT | IMPSAT-USA - ImpSat USA, Inc.
6140 | 201.234.172.197 | 10-09-2008 07:58:19
EDT | IMPSAT-USA - ImpSat USA, Inc.
6147 | 201.230.33.38 | 10-09-2008 05:25:20
EDT | Telefonica del Peru S.A.A.
6147 | 201.230.33.38 | 10-09-2008 08:38:06
EDT | Telefonica del Peru S.A.A.
6389 | 216.77.98.254 | 10-09-2008 03:20:58
EDT | BELLSOUTH-NET-BLK - BellSouth.net Inc.
6503 | 148.243.156.138 | 10-09-2008 03:29:51 EDT | Avantel, S.A.
6503 | 148.243.156.138 | 10-09-2008 04:40:56 EDT | Avantel, S.A.
6503 | 148.243.156.138 | 10-09-2008 06:04:47 EDT | Avantel, S.A.
6503 | 148.243.156.138 | 10-09-2008 09:04:31 EDT | Avantel, S.A.
6849 | 82.207.104.34 | 10-09-2008 04:00:42
EDT | UKRTELNET JSC UKRTELECOM,
6849 | 82.207.104.34 | 10-09-2008 04:09:35
EDT | UKRTELNET JSC UKRTELECOM,
6849 | 82.207.104.34 | 10-09-2008 06:10:49
EDT | UKRTELNET JSC UKRTELECOM,
6849 | 82.207.104.34 | 10-09-2008 07:19:35
EDT | UKRTELNET JSC UKRTELECOM,
6849 | 82.207.104.34 | 10-09-2008 08:39:47
EDT | UKRTELNET JSC UKRTELECOM,
6849 | 82.207.104.34 | 10-09-2008 08:45:29
EDT | UKRTELNET JSC UKRTELECOM,
7015 | 24.61.83.215 | 10-09-2008 06:32:30
EDT | CCCH-AS2 - Comcast Cable Communications Holdings, Inc
7132 | 208.191.112.212 | 10-09-2008 03:26:22
EDT | SBIS-AS - AT&T Internet Services
7132 | 208.191.112.212 | 10-09-2008 03:55:14
EDT | SBIS-AS - AT&T Internet Services
7132 | 208.191.112.212 | 10-09-2008 05:15:38
EDT | SBIS-AS - AT&T Internet Services
7132 | 208.191.112.212 | 10-09-2008 07:30:09
EDT | SBIS-AS - AT&T Internet Services
7132 | 75.14.225.218 | 10-09-2008 04:30:25
EDT | SBIS-AS - AT&T Internet Services
7132 | 75.24.138.85 | 10-09-2008 03:15:43
EDT | SBIS-AS - AT&T Internet Services
7132 | 75.49.251.71 | 10-09-2008 04:38:16
EDT | SBIS-AS - AT&T Internet Services
7132 | 75.49.251.71 | 10-09-2008 08:06:12
EDT | SBIS-AS - AT&T Internet Services
7132 | 76.230.26.10 | 10-09-2008 05:36:54
EDT | SBIS-AS - AT&T Internet Services
7303 | 200.43.219.134 | 10-09-2008 05:33:15 EDT | Telecom Argentina S.A.
7303 | 200.43.219.134 | 10-09-2008 08:02:01 EDT | Telecom Argentina S.A.
7540 | 202.181.164.220 | 10-09-2008 03:31:31
EDT | HKCIX-AS-AP HongKong Commercial Internet Exchange
7540 | 202.181.164.220 | 10-09-2008 03:36:12
EDT | HKCIX-AS-AP HongKong Commercial Internet Exchange
7540 | 202.181.164.220 | 10-09-2008 05:01:11
EDT | HKCIX-AS-AP HongKong Commercial Internet Exchange
7540 | 202.181.164.220 | 10-09-2008 05:26:43
EDT | HKCIX-AS-AP HongKong Commercial Internet Exchange
7545 | 123.243.96.118 | 10-09-2008 05:11:02
EDT | TPG-INTERNET-AP TPG Internet Pty Ltd
8048 | 190.75.205.171 | 10-09-2008 05:57:06
EDT | CANTV Servicios, Venezuela
8048 | 200.11.197.122 | 10-09-2008 04:42:41
EDT | CANTV Servicios, Venezuela
8048 | 200.11.197.122 | 10-09-2008 08:41:04
EDT | CANTV Servicios, Venezuela
8065 | 201.232.83.62 | 10-09-2008 05:20:54
EDT | EPM Telecomunicaciones S.A. E.S.P.
8065 | 201.232.83.62 | 10-09-2008 06:21:08
EDT | EPM Telecomunicaciones S.A. E.S.P.
8065 | 201.232.83.62 | 10-09-2008 07:52:35
EDT | EPM Telecomunicaciones S.A. E.S.P.
8151 | 200.79.25.39 | 10-09-2008 06:15:28 EDT | Uninet S.A. de C.V.
8151 | 200.79.25.39 | 10-09-2008 08:11:45 EDT | Uninet S.A. de C.V.
8167 | 200.102.77.29 | 10-09-2008 07:37:15
EDT | TELESC - Telecomunicacoes de Santa Catarina SA
8167 | 200.102.77.29 | 10-09-2008 08:39:01
EDT | TELESC - Telecomunicacoes de Santa Catarina SA
8167 | 201.41.215.154 | 10-09-2008 04:12:37
EDT | TELESC - Telecomunicacoes de Santa Catarina SA
8220 | 62.72.101.154 | 10-09-2008 04:02:27
EDT | COLT COLT Telecommunications
8220 | 62.72.101.154 | 10-09-2008 04:28:12
EDT | COLT COLT Telecommunications
8220 | 62.72.101.154 | 10-09-2008 05:42:19
EDT | COLT COLT Telecommunications
8220 | 62.72.101.154 | 10-09-2008 05:57:28
EDT | COLT COLT Telecommunications
8220 | 62.72.101.154 | 10-09-2008 08:05:00
EDT | COLT COLT Telecommunications
8514 | 212.41.242.226 | 10-09-2008 08:28:14 EDT | INODE UPC Austria GmbH
8708 | 82.79.20.218 | 10-09-2008 05:07:30 EDT | RDSNET RCS & RDS S.A.
8764 | 81.7.76.88 | 10-09-2008 08:45:54
EDT | TEOLTAB TEO LT AB Autonomous System
8813 | 212.15.155.63 | 10-09-2008 07:26:56
EDT | DCS-EUROCOM-AS DCS-EuroCom ISP AS
8968 | 217.220.122.58 | 10-09-2008 03:49:57
EDT | BT Italia (formerly Albacom) AS
8968 | 217.220.122.58 | 10-09-2008 04:49:02
EDT | BT Italia (formerly Albacom) AS
8968 | 217.220.122.58 | 10-09-2008 06:18:18
EDT | BT Italia (formerly Albacom) AS
8968 | 217.220.122.58 | 10-09-2008 09:14:27
EDT | BT Italia (formerly Albacom) AS
9121 | 85.105.124.205 | 10-09-2008 04:46:39
EDT | TTNET TTnet Autonomous System
9800 | 211.94.209.17 | 10-09-2008 00:44:38 EDT | UNICOM CHINA UNICOM
9800 | 211.94.209.17 | 10-09-2008 03:35:51 EDT | UNICOM CHINA UNICOM
9800 | 211.94.209.17 | 10-09-2008 03:39:25 EDT | UNICOM CHINA UNICOM
9800 | 211.94.209.17 | 10-09-2008 03:51:37 EDT | UNICOM CHINA UNICOM
9800 | 211.94.209.17 | 10-09-2008 04:12:10 EDT | UNICOM CHINA UNICOM
9800 | 211.94.209.17 | 10-09-2008 04:56:56 EDT | UNICOM CHINA UNICOM
9800 | 211.94.209.19 | 10-09-2008 00:56:02 EDT | UNICOM CHINA UNICOM
9800 | 211.94.209.19 | 10-09-2008 01:21:24 EDT | UNICOM CHINA UNICOM
9800 | 211.94.209.19 | 10-09-2008 03:10:39 EDT | UNICOM CHINA UNICOM
9800 | 211.94.209.19 | 10-09-2008 08:10:30 EDT | UNICOM CHINA UNICOM
9800 | 220.202.78.234 | 10-09-2008 03:54:24 EDT | UNICOM CHINA UNICOM
9800 | 220.202.78.234 | 10-09-2008 05:04:15 EDT | UNICOM CHINA UNICOM
9800 | 220.202.78.234 | 10-09-2008 06:52:55 EDT | UNICOM CHINA UNICOM
9800 | 220.202.78.234 | 10-09-2008 07:25:40 EDT | UNICOM CHINA UNICOM
9808 | 218.201.201.6 | 10-09-2008 05:18:21
EDT | CMNET-GD Guangdong Mobile Communication Co.Ltd.
9808 | 218.201.201.6 | 10-09-2008 06:21:13
EDT | CMNET-GD Guangdong Mobile Communication Co.Ltd.
9808 | 218.201.201.6 | 10-09-2008 07:13:16
EDT | CMNET-GD Guangdong Mobile Communication Co.Ltd.
9808 | 218.201.201.6 | 10-09-2008 09:09:29
EDT | CMNET-GD Guangdong Mobile Communication Co.Ltd.
10318 | 200.126.208.207 | 10-09-2008 04:22:07 EDT | CABLEVISION S.A.
10429 | 189.56.92.42 | 10-09-2008 04:22:56 EDT | Telefonica Empresas SA
10429 | 200.148.241.202 | 10-09-2008 01:36:10 EDT | Telefonica Empresas SA
10429 | 200.148.241.202 | 10-09-2008 06:27:48 EDT | Telefonica Empresas SA
10796 | 70.62.168.95 | 10-09-2008 07:12:45
EDT | SCRR-10796 - Road Runner HoldCo LLC
10834 | 200.51.40.154 | 10-09-2008 03:50:24
EDT | Telefonica Data Argentina S.A.
10834 | 200.51.40.154 | 10-09-2008 05:34:43
EDT | Telefonica Data Argentina S.A.
10834 | 200.51.40.154 | 10-09-2008 05:48:44
EDT | Telefonica Data Argentina S.A.
10834 | 200.51.40.154 | 10-09-2008 07:48:26
EDT | Telefonica Data Argentina S.A.
10834 | 200.51.42.234 | 10-09-2008 06:12:18
EDT | Telefonica Data Argentina S.A.
11556 | 190.34.164.139 | 10-09-2008 08:42:50 EDT | Cable & Wireless Panama
12127 | 216.184.100.141 | 10-09-2008 07:20:16
EDT | Telefonica Moviles El Salvador S.A. de C.V.
12322 | 81.56.199.24 | 10-09-2008 00:09:56
EDT | PROXAD AS for Proxad/Free ISP
12322 | 82.238.71.8 | 10-09-2008 08:11:22
EDT | PROXAD AS for Proxad/Free ISP
12322 | 82.238.71.8 | 10-09-2008 08:14:14
EDT | PROXAD AS for Proxad/Free ISP
12767 | 212.67.71.105 | 10-09-2008 05:03:15
EDT | PRAGONET-AS PRAGONET, a.s.
12767 | 212.67.71.105 | 10-09-2008 05:04:54
EDT | PRAGONET-AS PRAGONET, a.s.
12874 | 81.208.92.170 | 10-09-2008 05:38:44
EDT | FASTWEB Fastweb Autonomous System
12874 | 81.208.92.170 | 10-09-2008 05:59:16
EDT | FASTWEB Fastweb Autonomous System
12874 | 83.103.70.170 | 10-09-2008 05:29:44
EDT | FASTWEB Fastweb Autonomous System
12874 | 83.103.70.170 | 10-09-2008 05:51:26
EDT | FASTWEB Fastweb Autonomous System
12874 | 83.103.70.170 | 10-09-2008 09:07:38
EDT | FASTWEB Fastweb Autonomous System
12876 | 195.154.70.138 | 10-09-2008 04:29:25
EDT | AS12876 Telecom Italia France
12876 | 195.154.70.138 | 10-09-2008 04:29:29
EDT | AS12876 Telecom Italia France
12876 | 195.154.70.138 | 10-09-2008 04:29:31
EDT | AS12876 Telecom Italia France
12876 | 195.154.70.138 | 10-09-2008 04:29:34
EDT | AS12876 Telecom Italia France
15525 | 83.240.225.95 | 10-09-2008 05:17:49
EDT | PTPRIMENET PT Prime Autonomous System
15557 | 86.64.14.155 | 10-09-2008 03:18:18
EDT | LDCOMNET NEUF CEGETEL (formerly LDCOM NETWORKS)
15557 | 86.64.14.155 | 10-09-2008 04:34:19
EDT | LDCOMNET NEUF CEGETEL (formerly LDCOM NETWORKS)
15557 | 86.64.14.155 | 10-09-2008 05:34:12
EDT | LDCOMNET NEUF CEGETEL (formerly LDCOM NETWORKS)
15557 | 86.64.14.155 | 10-09-2008 05:43:44
EDT | LDCOMNET NEUF CEGETEL (formerly LDCOM NETWORKS)
16814 | 200.68.66.225 | 10-09-2008 03:25:33 EDT | NSS S.A.
16814 | 200.69.219.189 | 10-09-2008 06:34:54 EDT | NSS S.A.
17184 | 69.15.172.21 | 10-09-2008 06:55:33
EDT | ATL-CBEYOND - CBEYOND COMMUNICATIONS, LLC
17429 | 218.246.107.90 | 10-09-2008 08:07:48
EDT | BGCTVNET BEIJING GEHUA CATV NETWORK CO.LTD
17927 | 81.52.241.45 | 10-09-2008 01:31:35
EDT | WEBSATMEDIA-AS WEBSATMEDIA PTE LTD, Satellite Over IP, Singapore
17927 | 81.52.241.45 | 10-09-2008 01:31:37
EDT | WEBSATMEDIA-AS WEBSATMEDIA PTE LTD, Satellite Over IP, Singapore
17927 | 81.52.241.45 | 10-09-2008 01:31:39
EDT | WEBSATMEDIA-AS WEBSATMEDIA PTE LTD, Satellite Over IP, Singapore
17927 | 81.52.241.45 | 10-09-2008 01:31:42
EDT | WEBSATMEDIA-AS WEBSATMEDIA PTE LTD, Satellite Over IP, Singapore
17927 | 81.52.241.45 | 10-09-2008 01:31:44
EDT | WEBSATMEDIA-AS WEBSATMEDIA PTE LTD, Satellite Over IP, Singapore
17927 | 81.52.241.45 | 10-09-2008 01:31:46
EDT | WEBSATMEDIA-AS WEBSATMEDIA PTE LTD, Satellite Over IP, Singapore
17971 | 202.71.106.120 | 10-09-2008 04:54:24
EDT | EASTGATE-AP Datacenter Management
17971 | 202.71.106.120 | 10-09-2008 07:14:23
EDT | EASTGATE-AP Datacenter Management
17971 | 202.71.106.120 | 10-09-2008 07:27:35
EDT | EASTGATE-AP Datacenter Management
17971 | 202.71.106.120 | 10-09-2008 08:31:19
EDT | EASTGATE-AP Datacenter Management
17971 | 202.71.106.120 | 10-09-2008 08:38:31
EDT | EASTGATE-AP Datacenter Management
17971 | 202.71.106.120 | 10-09-2008 09:00:54
EDT | EASTGATE-AP Datacenter Management
19090 | 189.54.102.228 | 10-09-2008 06:48:34 EDT | Canbras Net Ltda.
19262 | 70.107.248.126 | 10-09-2008 05:52:52
EDT | VZGNI-TRANSIT - Verizon Internet Services Inc.
19262 | 70.107.248.126 | 10-09-2008 08:17:02
EDT | VZGNI-TRANSIT - Verizon Internet Services Inc.
19262 | 72.66.191.175 | 10-09-2008 08:12:55
EDT | VZGNI-TRANSIT - Verizon Internet Services Inc.
19429 | 201.245.162.56 | 10-09-2008 04:36:05 EDT | ETB - Colombia
19429 | 201.245.162.56 | 10-09-2008 05:59:13 EDT | ETB - Colombia
19429 | 201.245.162.56 | 10-09-2008 06:06:11 EDT | ETB - Colombia
19429 | 201.245.162.56 | 10-09-2008 06:09:51 EDT | ETB - Colombia
19429 | 201.245.162.56 | 10-09-2008 07:15:31 EDT | ETB - Colombia
19429 | 201.245.162.56 | 10-09-2008 08:58:10 EDT | ETB - Colombia
21479 | 83.221.196.202 | 10-09-2008 03:24:49
EDT | ROSTOV-TELEGRAF-AS Autonomous system of
21479 | 83.221.196.202 | 10-09-2008 04:16:57
EDT | ROSTOV-TELEGRAF-AS Autonomous system of
22773 | 70.166.90.75 | 10-09-2008 03:16:27
EDT | CCINET-2 - Cox Communications Inc.
23841 | 218.246.107.90 | 10-09-2008 08:07:48
EDT | TJBTN-AS23841 TIANJIN BROADCAST &TV NETWORK CO.LTD
24560 | 125.22.240.180 | 10-09-2008 08:53:23
EDT | AIRTELBROADBAND-AS-AP Bharti Airtel Ltd., Telemedia Services
24679 | 83.246.95.144 | 10-09-2008 03:47:08
EDT | SSERV-AS Hostway Deutschland GmbH (Server-Service)
25405 | 82.208.90.2 | 10-09-2008 08:48:02
EDT | NMTS-AS OJSC VolgaTelecom, Nizhny Novgorod
27699 | 200.204.153.149 | 10-09-2008 08:58:15
EDT | TELECOMUNICACOES DE SAO PAULO S/A - TELESP
28649 | 201.77.114.8 | 10-09-2008 08:06:09
EDT | Desktop Online Informática Ltda
29113 | 77.48.11.253 | 10-09-2008 05:35:31
EDT | SLOANE-AS Sloane Park Property Trust, a.s. Autonomous System
29113 | 77.48.11.253 | 10-09-2008 05:45:31
EDT | SLOANE-AS Sloane Park Property Trust, a.s. Autonomous System
29113 | 77.48.11.253 | 10-09-2008 08:32:28
EDT | SLOANE-AS Sloane Park Property Trust, a.s. Autonomous System
29571 | 213.136.105.130 | 10-09-2008 05:02:01 EDT | CITelecom-AS
29571 | 213.136.105.130 | 10-09-2008 05:39:40 EDT | CITelecom-AS
29571 | 213.136.105.130 | 10-09-2008 08:56:58 EDT | CITelecom-AS
30764 | 82.209.52.162 | 10-09-2008 06:16:25 EDT | PODA-AS PODA s.r.o.
30764 | 82.209.52.162 | 10-09-2008 06:54:24 EDT | PODA-AS PODA s.r.o.
30764 | 82.209.52.162 | 10-09-2008 08:51:07 EDT | PODA-AS PODA s.r.o.
30764 | 82.209.52.162 | 10-09-2008 09:13:02 EDT | PODA-AS PODA s.r.o.
31042 | 89.216.242.73 | 10-09-2008 04:08:42
EDT | SERBIA-BROADBAND-AS Serbia Broadband Autonomous system
31042 | 89.216.242.73 | 10-09-2008 08:43:43
EDT | SERBIA-BROADBAND-AS Serbia Broadband Autonomous system
33491 | 68.60.238.129 | 10-09-2008 03:44:12
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 68.60.238.129 | 10-09-2008 04:52:22
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 68.60.238.129 | 10-09-2008 05:17:48
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 68.60.238.129 | 10-09-2008 05:51:54
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 68.60.238.129 | 10-09-2008 06:47:02
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 68.60.238.129 | 10-09-2008 06:55:29
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 68.60.238.129 | 10-09-2008 07:22:35
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 68.60.238.129 | 10-09-2008 07:27:29
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 68.60.238.129 | 10-09-2008 07:28:49
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33491 | 68.60.238.129 | 10-09-2008 08:31:36
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33652 | 74.93.235.237 | 10-09-2008 04:15:09
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33652 | 74.93.235.237 | 10-09-2008 04:41:47
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33652 | 74.93.235.237 | 10-09-2008 05:34:37
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33652 | 74.93.235.237 | 10-09-2008 05:41:51
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33652 | 74.93.235.237 | 10-09-2008 05:54:36
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33652 | 74.93.235.237 | 10-09-2008 08:29:03
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33662 | 76.30.203.187 | 10-09-2008 04:10:49
EDT | DNEO-OSP7 - Comcast Cable Communications, Inc.
33681 | 204.13.232.82 | 10-09-2008 03:30:12
EDT | NNFIBER - NN-FIBERNET LLC
Sep 11 08:05:01 vinyl4 sshd[54867]: Failed
keyboard-interactive/pam for invalid user test1
from 62.72.101.154 port 47599 ssh2
Sep 11 08:06:09 vinyl4 sshd[54890]: Failed
keyboard-interactive/pam for invalid user test1
from 201.77.114.8 port 53557 ssh2
Sep 11 08:06:12 vinyl4 sshd[54893]: Failed
keyboard-interactive/pam for invalid user test1
from 75.49.251.71 port 45116 ssh2
Sep 11 08:07:52 vinyl4 sshd[54912]: Failed
keyboard-interactive/pam for invalid user test1
from 218.246.107.90 port 43581 ssh2
Sep 11 08:08:29 vinyl4 sshd[54916]: Failed
keyboard-interactive/pam for invalid user test1
from 193.252.220.64 port 45142 ssh2
Sep 11 08:09:19 vinyl4 sshd[54922]: Failed
keyboard-interactive/pam for invalid user test1
from 193.252.220.64 port 47935 ssh2
Sep 11 08:10:30 vinyl4 sshd[54937]: Failed
keyboard-interactive/pam for invalid user test1
from 211.94.209.19 port 58170 ssh2
Sep 11 08:10:53 vinyl4 sshd[54942]: Failed
keyboard-interactive/pam for invalid user test1
from 207.250.220.196 port 44456 ssh2
Sep 11 08:11:22 vinyl4 sshd[54960]: Failed
keyboard-interactive/pam for invalid user test1
from 82.238.71.8 port 52093 ssh2
Sep 11 08:11:45 vinyl4 sshd[54973]: Failed
keyboard-interactive/pam for invalid user test1
from 200.79.25.39 port 1630 ssh2
Sep 11 08:12:33 vinyl4 sshd[54978]: Failed
keyboard-interactive/pam for invalid user test1
from 168.103.188.222 port 58429 ssh2
Sep 11 08:12:55 vinyl4 sshd[54981]: Failed
keyboard-interactive/pam for invalid user test1
from 72.66.191.175 port 43861 ssh2
Sep 11 08:13:17 vinyl4 sshd[54985]: Failed
keyboard-interactive/pam for invalid user test1
from 207.250.220.196 port 54143 ssh2
Sep 11 08:14:15 vinyl4 sshd[54988]: Failed
keyboard-interactive/pam for invalid user test1
from 82.238.71.8 port 57805 ssh2
Sep 11 08:17:02 vinyl4 sshd[55041]: Failed
keyboard-interactive/pam for invalid user test1
from 70.107.248.126 port 50006 ssh2
Sep 11 08:19:29 vinyl4 sshd[55064]: Failed
keyboard-interactive/pam for invalid user test1
from 218.80.215.197 port 36457 ssh2
Sep 11 08:27:51 vinyl4 sshd[55158]: Failed
keyboard-interactive/pam for invalid user test2
from 80.37.93.94 port 15240 ssh2
Sep 11 08:28:14 vinyl4 sshd[55164]: Failed
keyboard-interactive/pam for invalid user test2
from 212.41.242.226 port 57824 ssh2
Sep 11 08:29:03 vinyl4 sshd[55170]: Failed
keyboard-interactive/pam for invalid user test2
from 74.93.235.237 port 36764 ssh2
Sep 11 08:29:57 vinyl4 sshd[55180]: Failed
keyboard-interactive/pam for invalid user test2
from 151.13.64.98 port 43154 ssh2
Sep 11 08:31:20 vinyl4 sshd[55193]: Failed
keyboard-interactive/pam for invalid user test2
from 202.71.106.120 port 20001 ssh2
Sep 11 08:31:36 vinyl4 sshd[55197]: Failed
keyboard-interactive/pam for invalid user test2
from 68.60.238.129 port 4255 ssh2
Sep 11 08:32:28 vinyl4 sshd[55211]: Failed
keyboard-interactive/pam for invalid user test2
from 77.48.11.253 port 35322 ssh2
Sep 11 08:35:55 vinyl4 sshd[55262]: Failed
keyboard-interactive/pam for invalid user test2
from 217.7.200.182 port 62123 ssh2
Sep 11 08:38:04 vinyl4 sshd[55286]: Failed
keyboard-interactive/pam for invalid user test2
from 200.209.6.130 port 14403 ssh2
Sep 11 08:38:06 vinyl4 sshd[55284]: Failed
keyboard-interactive/pam for invalid user test2
from 201.230.33.38 port 16335 ssh2
Sep 11 08:38:32 vinyl4 sshd[55292]: Failed
keyboard-interactive/pam for invalid user test2
from 202.71.106.120 port 22414 ssh2
Sep 11 08:39:03 vinyl4 sshd[55301]: Failed
keyboard-interactive/pam for invalid user test2
from 200.102.77.29 port 58664 ssh2
Sep 11 08:39:47 vinyl4 sshd[55348]: Failed
keyboard-interactive/pam for invalid user test2
from 82.207.104.34 port 3055 ssh2
Sep 11 08:41:04 vinyl4 sshd[55375]: Failed
keyboard-interactive/pam for invalid user test2
from 200.11.197.122 port 45821 ssh2
Sep 11 08:42:00 vinyl4 sshd[55396]: Failed
keyboard-interactive/pam for invalid user test2
from 200.248.82.130 port 40777 ssh2
Sep 11 08:42:50 vinyl4 sshd[55419]: Failed
keyboard-interactive/pam for invalid user test2
from 190.34.164.139 port 7467 ssh2
Sep 11 08:43:44 vinyl4 sshd[55431]: Failed
keyboard-interactive/pam for invalid user test2
from 89.216.242.73 port 23198 ssh2
Sep 11 08:45:30 vinyl4 sshd[55467]: Failed
keyboard-interactive/pam for invalid user test2
from 82.207.104.34 port 25675 ssh2
Sep 11 08:45:54 vinyl4 sshd[55489]: Failed
keyboard-interactive/pam for invalid user test2 from 81.7.76.88 port 60717 ssh2
Sep 11 08:48:02 vinyl4 sshd[55511]: Failed
keyboard-interactive/pam for invalid user test2
from 82.208.90.2 port 60737 ssh2
Sep 11 08:51:07 vinyl4 sshd[55534]: Failed
keyboard-interactive/pam for invalid user test2
from 82.209.52.162 port 15890 ssh2
_______________________________________________
nsp-security mailing list
nsp-security at puck.nether.net
https://puck.nether.net/mailman/listinfo/nsp-security
Please do not Forward, CC, or BCC this E-mail outside of the nsp-security
community. Confidentiality is essential for effective Internet security counter-measures.
_______________________________________________
More information about the nsp-security
mailing list