BFW Firewall & Router

A powerful network security tool, easy, safe and totally free.

Pular para o conteúdo

Trantan de Hackear ..??

Foro en español para discutir sobre cuestiones generales de BrazilFW 3.x.
Regras do fórum
Responder

Trantan de Hackear ..??

Mensagempor coralero » Ter Jun 27, 2017 9:16 am

Si Alguien me puede explicar, hoy me encotre con esta sorpresa. en el Registro de Eventos(Aplicaciones)
Código: Selecionar todos
Jun 27 08:44:25 brazilfw auth.info sshd[26796]: Failed password for invalid user user from 123.31.38.67 port 56952 ssh2
Jun 27 08:44:27 brazilfw auth.crit sshd[26796]: fatal: Read from socket failed: Connection reset by peer [preauth]
Jun 27 08:44:30 brazilfw auth.info sshd[26863]: reverse mapping checking getaddrinfo for localhost [123.31.38.67] failed - POSSIBLE BREAK-IN ATTEMPT!
Jun 27 08:44:30 brazilfw auth.info sshd[26863]: Invalid user ubnt from 123.31.38.67
Jun 27 08:44:30 brazilfw auth.info sshd[26863]: input_userauth_request: invalid user ubnt [preauth]
Jun 27 08:44:30 brazilfw auth.err sshd[26863]: error: Could not get shadow information for NOUSER
Jun 27 08:44:30 brazilfw auth.info sshd[26863]: Failed password for invalid user ubnt from 123.31.38.67 port 61036 ssh2
Jun 27 08:44:31 brazilfw auth.crit sshd[26863]: fatal: Read from socket failed: Connection reset by peer [preauth]
Jun 27 08:44:33 brazilfw auth.info sshd[26790]: Invalid user ftpuser from 91.211.1.100
Jun 27 08:44:33 brazilfw auth.info sshd[26790]: input_userauth_request: invalid user ftpuser [preauth]
Jun 27 08:44:33 brazilfw auth.err sshd[26790]: error: Could not get shadow information for NOUSER
Jun 27 08:44:33 brazilfw auth.info sshd[26790]: Failed password for invalid user ftpuser from 91.211.1.100 port 58116 ssh2
Jun 27 08:44:33 brazilfw auth.info sshd[26790]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:44:34 brazilfw auth.info sshd[26891]: reverse mapping checking getaddrinfo for localhost [123.31.38.67] failed - POSSIBLE BREAK-IN ATTEMPT!
Jun 27 08:44:34 brazilfw auth.info sshd[26891]: Invalid user admin from 123.31.38.67
Jun 27 08:44:34 brazilfw auth.info sshd[26891]: input_userauth_request: invalid user admin [preauth]
Jun 27 08:44:34 brazilfw auth.err sshd[26891]: error: Could not get shadow information for NOUSER
Jun 27 08:44:34 brazilfw auth.info sshd[26891]: Failed password for invalid user admin from 123.31.38.67 port 65119 ssh2
Jun 27 08:44:35 brazilfw auth.crit sshd[26891]: fatal: Read from socket failed: Connection reset by peer [preauth]
Jun 27 08:44:39 brazilfw auth.info sshd[26946]: reverse mapping checking getaddrinfo for localhost [123.31.38.67] failed - POSSIBLE BREAK-IN ATTEMPT!
Jun 27 08:44:39 brazilfw auth.info sshd[26946]: Invalid user admin from 123.31.38.67
Jun 27 08:44:39 brazilfw auth.info sshd[26946]: input_userauth_request: invalid user admin [preauth]
Jun 27 08:44:39 brazilfw auth.err sshd[26946]: error: Could not get shadow information for NOUSER
Jun 27 08:44:39 brazilfw auth.info sshd[26946]: Failed password for invalid user admin from 123.31.38.67 port 4752 ssh2
Jun 27 08:44:40 brazilfw auth.crit sshd[26946]: fatal: Read from socket failed: Connection reset by peer [preauth]
Jun 27 08:44:43 brazilfw auth.info sshd[27054]: reverse mapping checking getaddrinfo for localhost [123.31.38.67] failed - POSSIBLE BREAK-IN ATTEMPT!
Jun 27 08:44:43 brazilfw auth.info sshd[27054]: Invalid user test from 123.31.38.67
Jun 27 08:44:43 brazilfw auth.info sshd[27054]: input_userauth_request: invalid user test [preauth]
Jun 27 08:44:43 brazilfw auth.err sshd[27054]: error: Could not get shadow information for NOUSER
Jun 27 08:44:43 brazilfw auth.info sshd[27054]: Failed password for invalid user test from 123.31.38.67 port 8665 ssh2
Jun 27 08:44:44 brazilfw auth.crit sshd[27054]: fatal: Read from socket failed: Connection reset by peer [preauth]
Jun 27 08:44:45 brazilfw auth.info sshd[26897]: Invalid user git from 91.211.1.100
Jun 27 08:44:45 brazilfw auth.info sshd[26897]: input_userauth_request: invalid user git [preauth]
Jun 27 08:44:45 brazilfw auth.err sshd[26897]: error: Could not get shadow information for NOUSER
Jun 27 08:44:45 brazilfw auth.info sshd[26897]: Failed password for invalid user git from 91.211.1.100 port 41624 ssh2
Jun 27 08:44:46 brazilfw auth.info sshd[26897]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:44:48 brazilfw auth.info sshd[27108]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:45:00 brazilfw cron.info crond[4958]: USER root pid 27230 cmd /usr/bin/mysar --config /etc/brazilfw/mysar/mysar.conf --groupdomains --quiet
Jun 27 08:45:00 brazilfw cron.info crond[4958]: USER root pid 27231 cmd /etc/init.d/009-haarp monitor >/dev/null 2>&1
Jun 27 08:45:00 brazilfw auth.info sshd[27124]: Invalid user gpadmin from 91.211.1.100
Jun 27 08:45:00 brazilfw auth.info sshd[27124]: input_userauth_request: invalid user gpadmin [preauth]
Jun 27 08:45:00 brazilfw auth.err sshd[27124]: error: Could not get shadow information for NOUSER
Jun 27 08:45:00 brazilfw auth.info sshd[27124]: Failed password for invalid user gpadmin from 91.211.1.100 port 51450 ssh2
Jun 27 08:45:00 brazilfw auth.info sshd[27124]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:45:13 brazilfw auth.info sshd[27266]: Invalid user guest from 91.211.1.100
Jun 27 08:45:13 brazilfw auth.info sshd[27266]: input_userauth_request: invalid user guest [preauth]
Jun 27 08:45:13 brazilfw auth.err sshd[27266]: error: Could not get shadow information for NOUSER
Jun 27 08:45:13 brazilfw auth.info sshd[27266]: Failed password for invalid user guest from 91.211.1.100 port 60493 ssh2
Jun 27 08:45:13 brazilfw auth.info sshd[27266]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:45:25 brazilfw auth.info sshd[27448]: Invalid user monitor from 91.211.1.100
Jun 27 08:45:25 brazilfw auth.info sshd[27448]: input_userauth_request: invalid user monitor [preauth]
Jun 27 08:45:25 brazilfw auth.info sshd[27448]: Failed none for invalid user monitor from 91.211.1.100 port 41661 ssh2
Jun 27 08:45:26 brazilfw auth.err sshd[27448]: error: Could not get shadow information for NOUSER
Jun 27 08:45:26 brazilfw auth.info sshd[27448]: Failed password for invalid user monitor from 91.211.1.100 port 41661 ssh2
Jun 27 08:45:26 brazilfw auth.info sshd[27448]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:45:38 brazilfw auth.info sshd[27611]: Invalid user mysql from 91.211.1.100
Jun 27 08:45:38 brazilfw auth.info sshd[27611]: input_userauth_request: invalid user mysql [preauth]
Jun 27 08:45:38 brazilfw auth.err sshd[27611]: error: Could not get shadow information for NOUSER
Jun 27 08:45:38 brazilfw auth.info sshd[27611]: Failed password for invalid user mysql from 91.211.1.100 port 34988 ssh2
Jun 27 08:45:39 brazilfw auth.info sshd[27611]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:45:51 brazilfw auth.info sshd[27707]: Invalid user mysql from 91.211.1.100
Jun 27 08:45:51 brazilfw auth.info sshd[27707]: input_userauth_request: invalid user mysql [preauth]
Jun 27 08:45:51 brazilfw auth.err sshd[27707]: error: Could not get shadow information for NOUSER
Jun 27 08:45:51 brazilfw auth.info sshd[27707]: Failed password for invalid user mysql from 91.211.1.100 port 41608 ssh2
Jun 27 08:45:51 brazilfw auth.info sshd[27707]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:46:03 brazilfw auth.info sshd[27949]: Failed password for operator from 91.211.1.100 port 46682 ssh2
Jun 27 08:46:04 brazilfw auth.info sshd[27949]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:46:16 brazilfw auth.info sshd[28078]: Invalid user osmc from 91.211.1.100
Jun 27 08:46:16 brazilfw auth.info sshd[28078]: input_userauth_request: invalid user osmc [preauth]
Jun 27 08:46:16 brazilfw auth.err sshd[28078]: error: Could not get shadow information for NOUSER
Jun 27 08:46:16 brazilfw auth.info sshd[28078]: Failed password for invalid user osmc from 91.211.1.100 port 58254 ssh2
Jun 27 08:46:16 brazilfw auth.info sshd[28078]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:46:28 brazilfw auth.info sshd[28266]: Invalid user pi from 91.211.1.100
Jun 27 08:46:28 brazilfw auth.info sshd[28266]: input_userauth_request: invalid user pi [preauth]
Jun 27 08:46:28 brazilfw auth.err sshd[28266]: error: Could not get shadow information for NOUSER
Jun 27 08:46:28 brazilfw auth.info sshd[28266]: Failed password for invalid user pi from 91.211.1.100 port 42140 ssh2
Jun 27 08:46:29 brazilfw auth.info sshd[28266]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:46:41 brazilfw auth.info sshd[28384]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:46:53 brazilfw auth.info sshd[28475]: Failed password for root from 91.211.1.100 port 59905 ssh2
Jun 27 08:46:54 brazilfw auth.info sshd[28475]: Failed password for root from 91.211.1.100 port 59905 ssh2
Jun 27 08:46:54 brazilfw auth.info sshd[28475]: Failed password for root from 91.211.1.100 port 59905 ssh2
Jun 27 08:46:54 brazilfw auth.info sshd[28475]: Failed password for root from 91.211.1.100 port 59905 ssh2
Jun 27 08:46:55 brazilfw auth.info sshd[28475]: Failed password for root from 91.211.1.100 port 59905 ssh2
Jun 27 08:46:55 brazilfw auth.info sshd[28475]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:47:07 brazilfw auth.info sshd[28687]: Failed password for root from 91.211.1.100 port 44716 ssh2
Jun 27 08:47:07 brazilfw auth.info sshd[28687]: Failed password for root from 91.211.1.100 port 44716 ssh2
Jun 27 08:47:08 brazilfw auth.info sshd[28687]: Failed password for root from 91.211.1.100 port 44716 ssh2
Jun 27 08:47:08 brazilfw auth.info sshd[28687]: Failed password for root from 91.211.1.100 port 44716 ssh2
Jun 27 08:47:08 brazilfw auth.info sshd[28687]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:47:21 brazilfw auth.info sshd[28794]: Invalid user service from 91.211.1.100
Jun 27 08:47:21 brazilfw auth.info sshd[28794]: input_userauth_request: invalid user service [preauth]
Jun 27 08:47:21 brazilfw auth.err sshd[28794]: error: Could not get shadow information for NOUSER
Jun 27 08:47:21 brazilfw auth.info sshd[28794]: Failed password for invalid user service from 91.211.1.100 port 50597 ssh2
Jun 27 08:47:21 brazilfw auth.info sshd[28794]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:47:23 brazilfw auth.info sshd[28975]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:47:35 brazilfw auth.info sshd[28981]: Invalid user support from 91.211.1.100
Jun 27 08:47:35 brazilfw auth.info sshd[28981]: input_userauth_request: invalid user support [preauth]
Jun 27 08:47:35 brazilfw auth.err sshd[28981]: error: Could not get shadow information for NOUSER
Jun 27 08:47:35 brazilfw auth.info sshd[28981]: Failed password for invalid user support from 91.211.1.100 port 48044 ssh2
Jun 27 08:47:36 brazilfw auth.info sshd[28981]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:47:48 brazilfw auth.info sshd[29131]: Invalid user sysadmin from 91.211.1.100
Jun 27 08:47:48 brazilfw auth.info sshd[29131]: input_userauth_request: invalid user sysadmin [preauth]
Jun 27 08:47:48 brazilfw auth.err sshd[29131]: error: Could not get shadow information for NOUSER
Jun 27 08:47:48 brazilfw auth.info sshd[29131]: Failed password for invalid user sysadmin from 91.211.1.100 port 34606 ssh2
Jun 27 08:47:48 brazilfw auth.info sshd[29131]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:48:01 brazilfw auth.info sshd[29284]: Invalid user telecomadmin from 91.211.1.100
Jun 27 08:48:01 brazilfw auth.info sshd[29284]: input_userauth_request: invalid user telecomadmin [preauth]
Jun 27 08:48:01 brazilfw auth.err sshd[29284]: error: Could not get shadow information for NOUSER
Jun 27 08:48:01 brazilfw auth.info sshd[29284]: Failed password for invalid user telecomadmin from 91.211.1.100 port 45593 ssh2
Jun 27 08:48:01 brazilfw auth.info sshd[29284]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:48:13 brazilfw auth.info sshd[29386]: Invalid user telnet from 91.211.1.100
Jun 27 08:48:13 brazilfw auth.info sshd[29386]: input_userauth_request: invalid user telnet [preauth]
Jun 27 08:48:13 brazilfw auth.err sshd[29386]: error: Could not get shadow information for NOUSER
Jun 27 08:48:13 brazilfw auth.info sshd[29386]: Failed password for invalid user telnet from 91.211.1.100 port 57953 ssh2
Jun 27 08:48:14 brazilfw auth.info sshd[29386]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:48:26 brazilfw auth.info sshd[29521]: Invalid user test from 91.211.1.100
Jun 27 08:48:26 brazilfw auth.info sshd[29521]: input_userauth_request: invalid user test [preauth]
Jun 27 08:48:26 brazilfw auth.err sshd[29521]: error: Could not get shadow information for NOUSER
Jun 27 08:48:26 brazilfw auth.info sshd[29521]: Failed password for invalid user test from 91.211.1.100 port 48600 ssh2
Jun 27 08:48:26 brazilfw auth.info sshd[29521]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:48:28 brazilfw auth.info sshd[29719]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:48:41 brazilfw auth.info sshd[29747]: Invalid user ubnt from 91.211.1.100
Jun 27 08:48:41 brazilfw auth.info sshd[29747]: input_userauth_request: invalid user ubnt [preauth]
Jun 27 08:48:41 brazilfw auth.err sshd[29747]: error: Could not get shadow information for NOUSER
Jun 27 08:48:41 brazilfw auth.info sshd[29747]: Failed password for invalid user ubnt from 91.211.1.100 port 42875 ssh2
Jun 27 08:48:41 brazilfw auth.info sshd[29747]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:48:53 brazilfw auth.info sshd[29838]: Invalid user user from 91.211.1.100
Jun 27 08:48:53 brazilfw auth.info sshd[29838]: input_userauth_request: invalid user user [preauth]
Jun 27 08:48:53 brazilfw auth.err sshd[29838]: error: Could not get shadow information for NOUSER
Jun 27 08:48:53 brazilfw auth.info sshd[29838]: Failed password for invalid user user from 91.211.1.100 port 55785 ssh2
Jun 27 08:48:54 brazilfw auth.info sshd[29838]: Failed password for invalid user user from 91.211.1.100 port 55785 ssh2
Jun 27 08:48:54 brazilfw auth.info sshd[29838]: Failed password for invalid user user from 91.211.1.100 port 55785 ssh2
Jun 27 08:48:54 brazilfw auth.info sshd[29838]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:49:07 brazilfw auth.info sshd[30014]: Invalid user user1 from 91.211.1.100
Jun 27 08:49:07 brazilfw auth.info sshd[30014]: input_userauth_request: invalid user user1 [preauth]
Jun 27 08:49:07 brazilfw auth.err sshd[30014]: error: Could not get shadow information for NOUSER
Jun 27 08:49:07 brazilfw auth.info sshd[30014]: Failed password for invalid user user1 from 91.211.1.100 port 53069 ssh2
Jun 27 08:49:07 brazilfw auth.info sshd[30014]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:49:09 brazilfw auth.info sshd[30178]: Connection closed by 91.211.1.100 [preauth]


:shock: :shock:
Avatar do usuário
coralero
BFW Novice
BFW 3.x Update
 
Mensagens: 87
Registrado em: Qui Out 20, 2005 8:04 am
BrazilFW Box: Maquina Física
AMD Phenom Q4 8GbRam HD 1Tb.
BFW 3,0262 64Bits
Squid 3.4.14 e HaarpCache 20b
Voltar ao topo

Re: Trantan de Hackear ..??

Mensagempor Eduardo » Ter Jun 27, 2017 10:12 am

Caro autor, edite seu post inicial colocando o texto na tag code.
Depois descreva sua problema com detalhes.
Caso não faça isso seu post pode ser apagado.
Recomendamos também, antes de iniciar suas postagens, a leitura do Ajude-nos a ajuda-lo (Como Postar dúvidas/testes).
Links úteis:
Regras do Fórum
Ajude-nos a ajuda-lo (Como Postar dúvidas/testes)
Tutorial "Aprendendo a Postar"
Como encerrar corretamente seu tópico
-----------------------------------------------------------------------------------------------------------------
* Voce ganha dinheiro com o Projeto BrazilFW? Então contribua com o Projeto BFW, faça uma doação clicando aqui
Avatar do usuário
Eduardo
BFW Moderator
BFW Beneméritos
BFW Manager
 
Mensagens: 3688
Registrado em: Dom Jul 12, 2009 1:27 pm
Localização: São Paulo (Zona Sul) - SP - Brasil
BrazilFW Box: Não usando o BFW no momento.
Voltar ao topo

Re: Trantan de Hackear ..??

Mensagempor Lenobare » Ter Jun 27, 2017 5:59 pm

Por favor, si quiere ayuda siga las reglas del Foro. Deshabilite sus puertos SSH que disminuir los ataques y si esto continúa, pruebe esta configuración:

https://www.brazilfw.com.br/forum/viewtopic.php?f=77&t=93544

Usted tiene 81 mensajes y aún no puede usar las reglas básicas del Foro.
Estude, estude e... continue estudando.
Avatar do usuário
Lenobare
BFW Full Associate
BFW Beneméritos
BFW Manager
BFW Moderator
BFW HaarpCache
BFW Squid 3.5.x
 
Mensagens: 1682
Registrado em: Qua Ago 28, 2013 8:45 pm
Localização: Brasília
BrazilFW Box: Maquina: Fisica
CPU:Xeon HP ML30
Memória 8GB - 2Links
BFW 3.0.262 64 Bits
HD 300GB 15k,
Serviços Ativos: Control Mac, VPN, Squid (Cache),
Addons: Haro, Whatchdog. Squid 3.5.27, Lognet e Samba.
Voltar ao topo
Responder

Voltar para BrazilFW 3.x

Quem está online

Usuários navegando neste fórum: Nenhum usuário registrado e 14 visitantes

Desenvolvido por phpBB® Forum Software © phpBB Group
Prosilver_SE Style modificado por Reginaldo Melo em Agosto de 2018
Traduzido por: Suporte phpBB
cron