Brute-force general attack.

$f2bV_matches

May  5 03:12:50 server postfix/smtpd[10379]: NOQUEUE: reject: RCPT from unknown[45.227.87.164]: 554 5.7.1 Service unavailable; Client host [45.227.87.164] blocked using zen.spamhaus.org; https://www.spamhaus.org/query/ip/45.227.87.164; from= to=<7927378anav@anavveneto.it> proto=ESMTP helo=<45-227-87-164.host.netmais.net.br>

Triggered by Fail2Ban at Ares web server

May  5 03:12:39 mellenthin sshd[14840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=109.232.2.118  user=steam
May  5 03:12:42 mellenthin sshd[14840]: Failed password for invalid user steam from 109.232.2.118 port 65288 ssh2

05/05/2020-03:32:32.568103 151.101.14.214 Protocol: 6 SURICATA TLS invalid record/traffic

Port probing on unauthorized port 445

Honeypot attack, port: 445, PTR: 201-208-24-208.genericrev.cantv.net.

Honeypot attack, port: 81, PTR: dsl-187-208-108-168-dyn.prod-infinitum.com.mx.

May  5 03:04:50 server sshd[19777]: Failed password for invalid user majed from 111.229.188.72 port 40364 ssh2
May  5 03:24:37 server sshd[21228]: Failed password for invalid user testuser from 111.229.188.72 port 41470 ssh2
May  5 03:30:04 server sshd[21400]: Failed password for root from 111.229.188.72 port 43838 ssh2

$f2bV_matches

May  5 03:12:41 raspberrypi sshd\[3942\]: Invalid user ubnt from 203.82.35.115
...

Icarus honeypot on github

Honeypot attack, port: 81, PTR: static-213-101-148-245.cust.tele2.lt.

Brute Force - Postfix

Total attacks: 14