Port scan

Unauthorized connection attempt from IP address 14.161.30.0 on Port 445(SMB)

''

2020-08-21T18:59:15.651814vps773228.ovh.net sshd[29910]: Failed password for root from 112.85.42.174 port 7804 ssh2
2020-08-21T18:59:18.716443vps773228.ovh.net sshd[29910]: Failed password for root from 112.85.42.174 port 7804 ssh2
2020-08-21T18:59:22.832068vps773228.ovh.net sshd[29910]: Failed password for root from 112.85.42.174 port 7804 ssh2
2020-08-21T18:59:25.853181vps773228.ovh.net sshd[29910]: Failed password for root from 112.85.42.174 port 7804 ssh2
2020-08-21T18:59:29.281924vps773228.ovh.net sshd[29910]: Failed password for root from 112.85.42.174 port 7804 ssh2
...

62.210.91.62 - [21/Aug/2020:15:02:53 +0300] "POST /xmlrpc.php HTTP/1.1" 404 73790 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" "-"
62.210.91.62 - [21/Aug/2020:15:02:53 +0300] "POST /xmlrpc.php HTTP/1.1" 404 73790 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36" "-"
...

Unauthorized connection attempt from IP address 182.155.175.99 on Port 445(SMB)

Automatic report - Port Scan Attack

Unauthorized connection attempt from IP address 106.51.48.67 on Port 445(SMB)

srvr1: (mod_security) mod_security (id:942100) triggered by 81.12.169.126 (RO/-/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/08/21 12:03:11 [error] 482759#0: *840316 [client 81.12.169.126] ModSecurity: Access denied with code 406 (phase 2).  [file "/etc/modsecurity.d/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "45"] [id "942100"] [rev ""] [msg ""] [redacted] [severity "0"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-sqli"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/152/248/66"] [tag "PCI/6.5.2"] [redacted] [uri "/forum/viewthread.php"] [unique_id "15980113918.300741"] [ref ""], client: 81.12.169.126, [redacted] request: "GET /forum/viewthread.php?thread_id=1122+AND+++%279864%27+%3D+%270%27 HTTP/1.1" [redacted]

2020-08-21 06:53:42.056469-0500  localhost smtpd[92968]: NOQUEUE: reject: RCPT from cst2-168-101.cust.vodafone.cz[31.30.168.101]: 554 5.7.1 Service unavailable; Client host [31.30.168.101] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/31.30.168.101; from= to= proto=ESMTP helo=

2020-08-21 15:46:28 dovecot_login authenticator failed for \(q7jfQUq\) \[173.254.208.250\]: 535 Incorrect authentication data \(set_id=info\)
2020-08-21 15:46:40 dovecot_login authenticator failed for \(UvfdDPd2pp\) \[173.254.208.250\]: 535 Incorrect authentication data \(set_id=info\)
2020-08-21 15:46:56 dovecot_login authenticator failed for \(12zucbHt\) \[173.254.208.250\]: 535 Incorrect authentication data \(set_id=info\)
2020-08-21 15:47:19 dovecot_login authenticator failed for \(9aIK1ol\) \[173.254.208.250\]: 535 Incorrect authentication data \(set_id=info\)
2020-08-21 15:47:42 dovecot_login authenticator failed for \(pKBTdgvM\) \[173.254.208.250\]: 535 Incorrect authentication data \(set_id=info\)
...

Unauthorized connection attempt from IP address 213.6.65.118 on Port 445(SMB)

Unauthorized connection attempt from IP address 220.176.162.118 on Port 445(SMB)

2020-08-21 06:54:22.872002-0500  localhost smtpd[93110]: NOQUEUE: reject: RCPT from unknown[112.199.95.43]: 554 5.7.1 Service unavailable; Client host [112.199.95.43] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/112.199.95.43; from= to= proto=ESMTP helo=<43.95.199.112.clbrz.static.inet.eastern-tele.com>

2020-08-21 06:52:58.223892-0500  localhost smtpd[92968]: NOQUEUE: reject: RCPT from unknown[190.43.102.200]: 554 5.7.1 Service unavailable; Client host [190.43.102.200] blocked using zen.spamhaus.org; https://www.spamhaus.org/sbl/query/SBLCSS / https://www.spamhaus.org/query/ip/190.43.102.200; from= to= proto=ESMTP helo=<[190.43.102.200]>

Port Scan
...