*SHORT* summary of some of the attacks against us for Jan 2006 Just too many scans and not enough time to keep the list up all the time so... some of the more intresting/annoying scans/attacks, or 1 day samples are here year - time EASTERN source_ip[:port] (dns name, if any) attack/scan/notes 2006/01/04-07:58:01 211.147.253.130 () scan ssh try logging on as root, other accts 2006/01/04-09:38:50 61.19.31.42 () scan ssh logging on as root 2006/01/04-10:19:25 195.251.223.177 () scan ssh logging on as root 2006/01/04-11:24:05 61.218.150.149 (61-218-150-149.HINET-IP.hinet.net.) scan ssh logging on as root 2006/01/04-22:08:02 211.230.148.87 () scan ssh logging on as root 2006/01/06-03:33:07 202.97.194.129 () scan net port 111 2006/01/05-19:14:22 83.245.0.140 () scan ssh try logging on as root, others 2006/01/09-20:00:12 200.105.230.34 (corp-200-105-230-34-uio.punto.net.ec.) scan ssh try logging on as root 2006/01/10-00:59:31 61.19.85.8 () scan ssh try logging on as root 2006/01/10-00:47:54 65.96.6.76 (c-65-96-6-76.hsd1.ma.comcast.net.) scan ssh try logging on as root 2006/01/10-01:41:30 134.117.226.31 (pinheiros.carleton.ca.) can ssh try logging on as root 2006/01/10-05:07:30 84.244.11.39 (serv-3-11-39.lycos-vds.com.) can ssh try logging on as random users 2006/01/10-08:26:31 201.6.44.11 (c9062c0b.virtua.com.br.) scan ssh try logging on as root 2006/01/10-08:29:10 69.56.195.18 (mailfilter.eshcom.com.) scan ssh try logging on as random users 2006/01/10-11:43:40 69.56.195.18 (mailfilter.eshcom.com.) scan ssh try logging on as root 2006/01/11-00:01:44 202.8.85.116 (ppp-202.8.85.116.revip.proen.co.th.) scan ssh try logging on as root, random users 2006/01/14-09:35:03 70.88.84.105 () scan ssh try logging on as random accts 2006/01/14-17:59:16 155.230.60.61 (file.knu.ac.kr.) scan ssh try logging on as random accts 2006/01/16-21:45:58 160.79.44.20 (ip-160-79-44-20.autorev.intellispace.net.) scan ssh try logging on as random accts 2006/01/17-00:36:49 71.66.233.241 (cpe-71-66-233-241.columbus.res.rr.com) scan ssh try logging on as root 2006/01/17-04:11:05 212.90.254.131 (gw.kovoida.cz.) scan ssh try logging on as root 2006/01/17-04:29:19 144.135.247.104 () scan ssh try logging on as root 2006/01/17-04:11:13 212.90.254.131 (gw.kovoida.cz.) scan ssh try logging on as root and random users 2006/01/19-07:09:18 202.120.16.42 () scan ssh try logging on as root 2006/01/19-13:59:31 210.51.8.182 () scan ssh try logging on as random users 2006/01/19-12:41:00 87.226.11.39 () scan ssh try logging on as root 2006/01/19-16:22:59 211.93.0.248 () scan ssh try logging on as root 2006/01/21-10:01:50 211.93.0.248 () scan ssh try logging on as root and random users 2006/01/22-07:18:48 193.227.227.181 () scan ssh try logging on as root and random users 2006/01/22-09:26:56 222.117.59.34 () scan ssh try logging on as root 2006/01/23-12:12:03 210.201.160.52 (NK210-201-160-52.adsl.static.apol.com.tw.) scan net port 111 2006/01/24-00:49:26 12.146.226.12 (host-12-146-226-12.nctv.com.) scan ssh try logging on as root 2006/01/26-04:04:38 212.90.254.131 (gw.kovoida.cz.) scan ssh try logging on as root 2006/01/25-03:57:28 125.244.77.234 () scan ssh try logging on as root and random users 2006/01/29-15:33:35 156.17.128.61 () scan ssh try logging on as root and random users