Unauthorized connection attempt detected from IP address 77.42.84.24 to port 23

May  8 09:14:05 server dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.234.218.249, lip=172.104.140.148, session=
May  8 09:15:53 server dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.234.218.249, lip=172.104.140.148, session=
May  8 09:18:33 server dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.234.218.249, lip=172.104.140.148, session=<6T36zR2lKiS56tr5>
May  8 09:20:21 server dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.234.218.249, lip=172.104.140.148, session=
May  8 09:23:01 server dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.234.218.249, lip=172.104.140.148, session=

Lines containing failures of 51.38.70.119
May  5 09:21:32 vm8 sshd[14126]: Did not receive identification string from 51.38.70.119 port 33216
May  5 09:21:48 vm8 sshd[14127]: Did not receive identification string from 51.38.70.119 port 48094
May  5 09:22:29 vm8 sshd[14183]: Received disconnect from 51.38.70.119 port 56282:11: Normal Shutdown, Thank you for playing [preauth]
May  5 09:22:29 vm8 sshd[14183]: Disconnected from authenticating user r.r 51.38.70.119 port 56282 [preauth]
May  5 09:22:54 vm8 sshd[14210]: Received disconnect from 51.38.70.119 port 36164:11: Normal Shutdown, Thank you for playing [preauth]
May  5 09:22:54 vm8 sshd[14210]: Disconnected from authenticating user r.r 51.38.70.119 port 36164 [preauth]
May  5 09:23:19 vm8 sshd[14217]: Received disconnect from 51.38.70.119 port 44282:11: Normal Shutdown, Thank you for p
.... truncated .... 
ort 56282:11: Normal Shutdown, Thank you for playing [preauth]
May  5 09:22:29 vm8 sshd[14183]: Disconnected from a........
------------------------------

$f2bV_matches

$f2bV_matches

Telnet/23 MH Probe, Scan, BF, Hack -

$f2bV_matches

$f2bV_matches

prod6
...

Brute-force attempt banned

$f2bV_matches

May  7 20:00:51 hanapaa sshd\[24476\]: Invalid user jessica from 183.82.2.22
May  7 20:00:51 hanapaa sshd\[24476\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.2.22
May  7 20:00:54 hanapaa sshd\[24476\]: Failed password for invalid user jessica from 183.82.2.22 port 45920 ssh2
May  7 20:04:58 hanapaa sshd\[24776\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=183.82.2.22  user=root
May  7 20:05:00 hanapaa sshd\[24776\]: Failed password for root from 183.82.2.22 port 55176 ssh2

May  8 05:50:17 [host] sshd[19795]: pam_unix(sshd:
May  8 05:50:20 [host] sshd[19795]: Failed passwor
May  8 05:53:52 [host] sshd[19919]: Invalid user y

Port scan on 3 port(s): 3151 3384 3448

2020-05-08T01:46:43.2792351495-001 sshd[12889]: Failed password for invalid user www-data from 134.122.111.162 port 36962 ssh2
2020-05-08T01:50:17.9570901495-001 sshd[13055]: Invalid user www from 134.122.111.162 port 45962
2020-05-08T01:50:17.9602471495-001 sshd[13055]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=134.122.111.162
2020-05-08T01:50:17.9570901495-001 sshd[13055]: Invalid user www from 134.122.111.162 port 45962
2020-05-08T01:50:19.7497571495-001 sshd[13055]: Failed password for invalid user www from 134.122.111.162 port 45962 ssh2
2020-05-08T01:53:51.4965201495-001 sshd[13217]: Invalid user service from 134.122.111.162 port 54938
...