BFW Firewall & Router

A powerful network security tool, easy, safe and totally free.
https://www.brazilfw.com.br/forum/

Trantan de Hackear ..??

https://www.brazilfw.com.br/forum/viewtopic.php?f=78&t=93721

Página 1 de 1

Trantan de Hackear ..??

MensagemEnviado: Ter Jun 27, 2017 9:16 am
por coralero
Si Alguien me puede explicar, hoy me encotre con esta sorpresa. en el Registro de Eventos(Aplicaciones)
Código: Selecionar todos
Jun 27 08:44:25 brazilfw auth.info sshd[26796]: Failed password for invalid user user from 123.31.38.67 port 56952 ssh2
Jun 27 08:44:27 brazilfw auth.crit sshd[26796]: fatal: Read from socket failed: Connection reset by peer [preauth]
Jun 27 08:44:30 brazilfw auth.info sshd[26863]: reverse mapping checking getaddrinfo for localhost [123.31.38.67] failed - POSSIBLE BREAK-IN ATTEMPT!
Jun 27 08:44:30 brazilfw auth.info sshd[26863]: Invalid user ubnt from 123.31.38.67
Jun 27 08:44:30 brazilfw auth.info sshd[26863]: input_userauth_request: invalid user ubnt [preauth]
Jun 27 08:44:30 brazilfw auth.err sshd[26863]: error: Could not get shadow information for NOUSER
Jun 27 08:44:30 brazilfw auth.info sshd[26863]: Failed password for invalid user ubnt from 123.31.38.67 port 61036 ssh2
Jun 27 08:44:31 brazilfw auth.crit sshd[26863]: fatal: Read from socket failed: Connection reset by peer [preauth]
Jun 27 08:44:33 brazilfw auth.info sshd[26790]: Invalid user ftpuser from 91.211.1.100
Jun 27 08:44:33 brazilfw auth.info sshd[26790]: input_userauth_request: invalid user ftpuser [preauth]
Jun 27 08:44:33 brazilfw auth.err sshd[26790]: error: Could not get shadow information for NOUSER
Jun 27 08:44:33 brazilfw auth.info sshd[26790]: Failed password for invalid user ftpuser from 91.211.1.100 port 58116 ssh2
Jun 27 08:44:33 brazilfw auth.info sshd[26790]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:44:34 brazilfw auth.info sshd[26891]: reverse mapping checking getaddrinfo for localhost [123.31.38.67] failed - POSSIBLE BREAK-IN ATTEMPT!
Jun 27 08:44:34 brazilfw auth.info sshd[26891]: Invalid user admin from 123.31.38.67
Jun 27 08:44:34 brazilfw auth.info sshd[26891]: input_userauth_request: invalid user admin [preauth]
Jun 27 08:44:34 brazilfw auth.err sshd[26891]: error: Could not get shadow information for NOUSER
Jun 27 08:44:34 brazilfw auth.info sshd[26891]: Failed password for invalid user admin from 123.31.38.67 port 65119 ssh2
Jun 27 08:44:35 brazilfw auth.crit sshd[26891]: fatal: Read from socket failed: Connection reset by peer [preauth]
Jun 27 08:44:39 brazilfw auth.info sshd[26946]: reverse mapping checking getaddrinfo for localhost [123.31.38.67] failed - POSSIBLE BREAK-IN ATTEMPT!
Jun 27 08:44:39 brazilfw auth.info sshd[26946]: Invalid user admin from 123.31.38.67
Jun 27 08:44:39 brazilfw auth.info sshd[26946]: input_userauth_request: invalid user admin [preauth]
Jun 27 08:44:39 brazilfw auth.err sshd[26946]: error: Could not get shadow information for NOUSER
Jun 27 08:44:39 brazilfw auth.info sshd[26946]: Failed password for invalid user admin from 123.31.38.67 port 4752 ssh2
Jun 27 08:44:40 brazilfw auth.crit sshd[26946]: fatal: Read from socket failed: Connection reset by peer [preauth]
Jun 27 08:44:43 brazilfw auth.info sshd[27054]: reverse mapping checking getaddrinfo for localhost [123.31.38.67] failed - POSSIBLE BREAK-IN ATTEMPT!
Jun 27 08:44:43 brazilfw auth.info sshd[27054]: Invalid user test from 123.31.38.67
Jun 27 08:44:43 brazilfw auth.info sshd[27054]: input_userauth_request: invalid user test [preauth]
Jun 27 08:44:43 brazilfw auth.err sshd[27054]: error: Could not get shadow information for NOUSER
Jun 27 08:44:43 brazilfw auth.info sshd[27054]: Failed password for invalid user test from 123.31.38.67 port 8665 ssh2
Jun 27 08:44:44 brazilfw auth.crit sshd[27054]: fatal: Read from socket failed: Connection reset by peer [preauth]
Jun 27 08:44:45 brazilfw auth.info sshd[26897]: Invalid user git from 91.211.1.100
Jun 27 08:44:45 brazilfw auth.info sshd[26897]: input_userauth_request: invalid user git [preauth]
Jun 27 08:44:45 brazilfw auth.err sshd[26897]: error: Could not get shadow information for NOUSER
Jun 27 08:44:45 brazilfw auth.info sshd[26897]: Failed password for invalid user git from 91.211.1.100 port 41624 ssh2
Jun 27 08:44:46 brazilfw auth.info sshd[26897]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:44:48 brazilfw auth.info sshd[27108]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:45:00 brazilfw cron.info crond[4958]: USER root pid 27230 cmd /usr/bin/mysar --config /etc/brazilfw/mysar/mysar.conf --groupdomains --quiet
Jun 27 08:45:00 brazilfw cron.info crond[4958]: USER root pid 27231 cmd /etc/init.d/009-haarp monitor >/dev/null 2>&1
Jun 27 08:45:00 brazilfw auth.info sshd[27124]: Invalid user gpadmin from 91.211.1.100
Jun 27 08:45:00 brazilfw auth.info sshd[27124]: input_userauth_request: invalid user gpadmin [preauth]
Jun 27 08:45:00 brazilfw auth.err sshd[27124]: error: Could not get shadow information for NOUSER
Jun 27 08:45:00 brazilfw auth.info sshd[27124]: Failed password for invalid user gpadmin from 91.211.1.100 port 51450 ssh2
Jun 27 08:45:00 brazilfw auth.info sshd[27124]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:45:13 brazilfw auth.info sshd[27266]: Invalid user guest from 91.211.1.100
Jun 27 08:45:13 brazilfw auth.info sshd[27266]: input_userauth_request: invalid user guest [preauth]
Jun 27 08:45:13 brazilfw auth.err sshd[27266]: error: Could not get shadow information for NOUSER
Jun 27 08:45:13 brazilfw auth.info sshd[27266]: Failed password for invalid user guest from 91.211.1.100 port 60493 ssh2
Jun 27 08:45:13 brazilfw auth.info sshd[27266]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:45:25 brazilfw auth.info sshd[27448]: Invalid user monitor from 91.211.1.100
Jun 27 08:45:25 brazilfw auth.info sshd[27448]: input_userauth_request: invalid user monitor [preauth]
Jun 27 08:45:25 brazilfw auth.info sshd[27448]: Failed none for invalid user monitor from 91.211.1.100 port 41661 ssh2
Jun 27 08:45:26 brazilfw auth.err sshd[27448]: error: Could not get shadow information for NOUSER
Jun 27 08:45:26 brazilfw auth.info sshd[27448]: Failed password for invalid user monitor from 91.211.1.100 port 41661 ssh2
Jun 27 08:45:26 brazilfw auth.info sshd[27448]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:45:38 brazilfw auth.info sshd[27611]: Invalid user mysql from 91.211.1.100
Jun 27 08:45:38 brazilfw auth.info sshd[27611]: input_userauth_request: invalid user mysql [preauth]
Jun 27 08:45:38 brazilfw auth.err sshd[27611]: error: Could not get shadow information for NOUSER
Jun 27 08:45:38 brazilfw auth.info sshd[27611]: Failed password for invalid user mysql from 91.211.1.100 port 34988 ssh2
Jun 27 08:45:39 brazilfw auth.info sshd[27611]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:45:51 brazilfw auth.info sshd[27707]: Invalid user mysql from 91.211.1.100
Jun 27 08:45:51 brazilfw auth.info sshd[27707]: input_userauth_request: invalid user mysql [preauth]
Jun 27 08:45:51 brazilfw auth.err sshd[27707]: error: Could not get shadow information for NOUSER
Jun 27 08:45:51 brazilfw auth.info sshd[27707]: Failed password for invalid user mysql from 91.211.1.100 port 41608 ssh2
Jun 27 08:45:51 brazilfw auth.info sshd[27707]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:46:03 brazilfw auth.info sshd[27949]: Failed password for operator from 91.211.1.100 port 46682 ssh2
Jun 27 08:46:04 brazilfw auth.info sshd[27949]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:46:16 brazilfw auth.info sshd[28078]: Invalid user osmc from 91.211.1.100
Jun 27 08:46:16 brazilfw auth.info sshd[28078]: input_userauth_request: invalid user osmc [preauth]
Jun 27 08:46:16 brazilfw auth.err sshd[28078]: error: Could not get shadow information for NOUSER
Jun 27 08:46:16 brazilfw auth.info sshd[28078]: Failed password for invalid user osmc from 91.211.1.100 port 58254 ssh2
Jun 27 08:46:16 brazilfw auth.info sshd[28078]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:46:28 brazilfw auth.info sshd[28266]: Invalid user pi from 91.211.1.100
Jun 27 08:46:28 brazilfw auth.info sshd[28266]: input_userauth_request: invalid user pi [preauth]
Jun 27 08:46:28 brazilfw auth.err sshd[28266]: error: Could not get shadow information for NOUSER
Jun 27 08:46:28 brazilfw auth.info sshd[28266]: Failed password for invalid user pi from 91.211.1.100 port 42140 ssh2
Jun 27 08:46:29 brazilfw auth.info sshd[28266]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:46:41 brazilfw auth.info sshd[28384]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:46:53 brazilfw auth.info sshd[28475]: Failed password for root from 91.211.1.100 port 59905 ssh2
Jun 27 08:46:54 brazilfw auth.info sshd[28475]: Failed password for root from 91.211.1.100 port 59905 ssh2
Jun 27 08:46:54 brazilfw auth.info sshd[28475]: Failed password for root from 91.211.1.100 port 59905 ssh2
Jun 27 08:46:54 brazilfw auth.info sshd[28475]: Failed password for root from 91.211.1.100 port 59905 ssh2
Jun 27 08:46:55 brazilfw auth.info sshd[28475]: Failed password for root from 91.211.1.100 port 59905 ssh2
Jun 27 08:46:55 brazilfw auth.info sshd[28475]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:47:07 brazilfw auth.info sshd[28687]: Failed password for root from 91.211.1.100 port 44716 ssh2
Jun 27 08:47:07 brazilfw auth.info sshd[28687]: Failed password for root from 91.211.1.100 port 44716 ssh2
Jun 27 08:47:08 brazilfw auth.info sshd[28687]: Failed password for root from 91.211.1.100 port 44716 ssh2
Jun 27 08:47:08 brazilfw auth.info sshd[28687]: Failed password for root from 91.211.1.100 port 44716 ssh2
Jun 27 08:47:08 brazilfw auth.info sshd[28687]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:47:21 brazilfw auth.info sshd[28794]: Invalid user service from 91.211.1.100
Jun 27 08:47:21 brazilfw auth.info sshd[28794]: input_userauth_request: invalid user service [preauth]
Jun 27 08:47:21 brazilfw auth.err sshd[28794]: error: Could not get shadow information for NOUSER
Jun 27 08:47:21 brazilfw auth.info sshd[28794]: Failed password for invalid user service from 91.211.1.100 port 50597 ssh2
Jun 27 08:47:21 brazilfw auth.info sshd[28794]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:47:23 brazilfw auth.info sshd[28975]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:47:35 brazilfw auth.info sshd[28981]: Invalid user support from 91.211.1.100
Jun 27 08:47:35 brazilfw auth.info sshd[28981]: input_userauth_request: invalid user support [preauth]
Jun 27 08:47:35 brazilfw auth.err sshd[28981]: error: Could not get shadow information for NOUSER
Jun 27 08:47:35 brazilfw auth.info sshd[28981]: Failed password for invalid user support from 91.211.1.100 port 48044 ssh2
Jun 27 08:47:36 brazilfw auth.info sshd[28981]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:47:48 brazilfw auth.info sshd[29131]: Invalid user sysadmin from 91.211.1.100
Jun 27 08:47:48 brazilfw auth.info sshd[29131]: input_userauth_request: invalid user sysadmin [preauth]
Jun 27 08:47:48 brazilfw auth.err sshd[29131]: error: Could not get shadow information for NOUSER
Jun 27 08:47:48 brazilfw auth.info sshd[29131]: Failed password for invalid user sysadmin from 91.211.1.100 port 34606 ssh2
Jun 27 08:47:48 brazilfw auth.info sshd[29131]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:48:01 brazilfw auth.info sshd[29284]: Invalid user telecomadmin from 91.211.1.100
Jun 27 08:48:01 brazilfw auth.info sshd[29284]: input_userauth_request: invalid user telecomadmin [preauth]
Jun 27 08:48:01 brazilfw auth.err sshd[29284]: error: Could not get shadow information for NOUSER
Jun 27 08:48:01 brazilfw auth.info sshd[29284]: Failed password for invalid user telecomadmin from 91.211.1.100 port 45593 ssh2
Jun 27 08:48:01 brazilfw auth.info sshd[29284]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:48:13 brazilfw auth.info sshd[29386]: Invalid user telnet from 91.211.1.100
Jun 27 08:48:13 brazilfw auth.info sshd[29386]: input_userauth_request: invalid user telnet [preauth]
Jun 27 08:48:13 brazilfw auth.err sshd[29386]: error: Could not get shadow information for NOUSER
Jun 27 08:48:13 brazilfw auth.info sshd[29386]: Failed password for invalid user telnet from 91.211.1.100 port 57953 ssh2
Jun 27 08:48:14 brazilfw auth.info sshd[29386]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:48:26 brazilfw auth.info sshd[29521]: Invalid user test from 91.211.1.100
Jun 27 08:48:26 brazilfw auth.info sshd[29521]: input_userauth_request: invalid user test [preauth]
Jun 27 08:48:26 brazilfw auth.err sshd[29521]: error: Could not get shadow information for NOUSER
Jun 27 08:48:26 brazilfw auth.info sshd[29521]: Failed password for invalid user test from 91.211.1.100 port 48600 ssh2
Jun 27 08:48:26 brazilfw auth.info sshd[29521]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:48:28 brazilfw auth.info sshd[29719]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:48:41 brazilfw auth.info sshd[29747]: Invalid user ubnt from 91.211.1.100
Jun 27 08:48:41 brazilfw auth.info sshd[29747]: input_userauth_request: invalid user ubnt [preauth]
Jun 27 08:48:41 brazilfw auth.err sshd[29747]: error: Could not get shadow information for NOUSER
Jun 27 08:48:41 brazilfw auth.info sshd[29747]: Failed password for invalid user ubnt from 91.211.1.100 port 42875 ssh2
Jun 27 08:48:41 brazilfw auth.info sshd[29747]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:48:53 brazilfw auth.info sshd[29838]: Invalid user user from 91.211.1.100
Jun 27 08:48:53 brazilfw auth.info sshd[29838]: input_userauth_request: invalid user user [preauth]
Jun 27 08:48:53 brazilfw auth.err sshd[29838]: error: Could not get shadow information for NOUSER
Jun 27 08:48:53 brazilfw auth.info sshd[29838]: Failed password for invalid user user from 91.211.1.100 port 55785 ssh2
Jun 27 08:48:54 brazilfw auth.info sshd[29838]: Failed password for invalid user user from 91.211.1.100 port 55785 ssh2
Jun 27 08:48:54 brazilfw auth.info sshd[29838]: Failed password for invalid user user from 91.211.1.100 port 55785 ssh2
Jun 27 08:48:54 brazilfw auth.info sshd[29838]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:49:07 brazilfw auth.info sshd[30014]: Invalid user user1 from 91.211.1.100
Jun 27 08:49:07 brazilfw auth.info sshd[30014]: input_userauth_request: invalid user user1 [preauth]
Jun 27 08:49:07 brazilfw auth.err sshd[30014]: error: Could not get shadow information for NOUSER
Jun 27 08:49:07 brazilfw auth.info sshd[30014]: Failed password for invalid user user1 from 91.211.1.100 port 53069 ssh2
Jun 27 08:49:07 brazilfw auth.info sshd[30014]: Connection closed by 91.211.1.100 [preauth]
Jun 27 08:49:09 brazilfw auth.info sshd[30178]: Connection closed by 91.211.1.100 [preauth]


:shock: :shock:

Re: Trantan de Hackear ..??

MensagemEnviado: Ter Jun 27, 2017 10:12 am
por Eduardo
Caro autor, edite seu post inicial colocando o texto na tag code.
Depois descreva sua problema com detalhes.
Caso não faça isso seu post pode ser apagado.
Recomendamos também, antes de iniciar suas postagens, a leitura do Ajude-nos a ajuda-lo (Como Postar dúvidas/testes).

Re: Trantan de Hackear ..??

MensagemEnviado: Ter Jun 27, 2017 5:59 pm
por Lenobare
Por favor, si quiere ayuda siga las reglas del Foro. Deshabilite sus puertos SSH que disminuir los ataques y si esto continúa, pruebe esta configuración:

https://www.brazilfw.com.br/forum/viewtopic.php?f=77&t=93544

Usted tiene 81 mensajes y aún no puede usar las reglas básicas del Foro.
Todos os horários são GMT - 3 horas
Página 1 de 1
Powered by phpBB® Forum Software © phpBB Group
https://www.phpbb.com/