DATE:2020-02-02 16:07:41, IP:118.101.210.215, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)

DATE:2020-02-02 16:07:24, IP:113.170.140.20, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)

Sep  3 21:04:19 ms-srv sshd[37431]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.68.57.155
Sep  3 21:04:21 ms-srv sshd[37431]: Failed password for invalid user spoj0 from 193.68.57.155 port 36026 ssh2

2020-02-02T13:08:50.8199521495-001 sshd[49217]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.214.37
2020-02-02T13:08:50.8116481495-001 sshd[49217]: Invalid user testing from 167.71.214.37 port 51954
2020-02-02T13:08:52.6872571495-001 sshd[49217]: Failed password for invalid user testing from 167.71.214.37 port 51954 ssh2
2020-02-02T14:09:21.0805581495-001 sshd[51791]: Invalid user venetta from 167.71.214.37 port 36906
2020-02-02T14:09:21.0884771495-001 sshd[51791]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.71.214.37
2020-02-02T14:09:21.0805581495-001 sshd[51791]: Invalid user venetta from 167.71.214.37 port 36906
2020-02-02T14:09:22.7602271495-001 sshd[51791]: Failed password for invalid user venetta from 167.71.214.37 port 36906 ssh2
2020-02-02T14:12:01.2251211495-001 sshd[51928]: Invalid user rwho from 167.71.214.37 port 60800
2020-02-02T14:12:01.2353711495-001 sshd[51928]: pam_unix(ss
...

(From eric@talkwithcustomer.com)  
Hey,

You have a website nervedoc.org, right?

Of course you do. I am looking at your website now.

It gets traffic every day – that you’re probably spending $2 / $4 / $10 or more a click to get.  Not including all of the work you put into creating social media, videos, blog posts, emails, and so on.

So you’re investing seriously in getting people to that site.

But how’s it working?  Great? Okay?  Not so much?

If that answer could be better, then it’s likely you’re putting a lot of time, effort, and money into an approach that’s not paying off like it should.

Now… imagine doubling your lead conversion in just minutes… In fact, I’ll go even better.
 
You could actually get up to 100X more conversions!

I’m not making this up.  As Chris Smith, best-selling author of The Conversion Code says: Speed is essential - there is a 100x decrease in Leads when a Lead is contacted within 14 minutes vs being contacted within 5 minutes.

He’s backed up by a study a

Telnet 23

DATE:2020-02-02 16:07:36, IP:116.98.67.34, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)

May 23 23:04:47 ms-srv sshd[9764]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.252.173.80
May 23 23:04:48 ms-srv sshd[9764]: Failed password for invalid user oracle from 193.252.173.80 port 39479 ssh2

Mar 12 09:31:24 ms-srv sshd[11637]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.30.123.216  user=root
Mar 12 09:31:27 ms-srv sshd[11637]: Failed password for invalid user root from 193.30.123.216 port 50012 ssh2

20/2/2@11:16:05: FAIL: Alarm-Network address from=191.241.242.84
20/2/2@11:16:05: FAIL: Alarm-Network address from=191.241.242.84
...

Unauthorized connection attempt detected from IP address 118.101.192.81 to port 2220 [J]

Feb  2 16:07:31 icecube postfix/smtpd[88758]: NOQUEUE: reject: RCPT from unknown[95.133.163.98]: 450 4.7.1 <98-163-133-95.ip.ukrtel.net>: Helo command rejected: Host not found; from= to= proto=ESMTP helo=<98-163-133-95.ip.ukrtel.net>

Dec  6 11:40:47 ms-srv sshd[36027]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=193.252.192.149
Dec  6 11:40:48 ms-srv sshd[36027]: Failed password for invalid user admin from 193.252.192.149 port 58452 ssh2

DATE:2020-02-02 16:07:33, IP:114.79.141.18, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)

DATE:2020-02-02 16:07:38, IP:117.213.183.219, PORT:1433 MSSQL brute force auth on honeypot server (honey-neo-dc)