Am I being hacked?


Pmarszal

Recommended Posts

Hello,

 

Newb here needing answers! I recently changed my router and same day noticed the following:

 

What is going on? Attempt at a hack? What are the proper steps to secure my network? I turned off SSH and TELNET.

 

HELP!

 

Dec 19 22:14:52 unraid sshd[28336]: Connection from 192.168.1.1 port 53921 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid vsftpd[28335]: connect from 192.168.1.1 (192.168.1.1)
Dec 19 22:14:52 unraid in.telnetd[28334]: connect from 192.168.1.1 (192.168.1.1)
Dec 19 22:14:52 unraid sshd[28336]: error: kex_exchange_identification: Connection closed by remote host
Dec 19 22:14:52 unraid sshd[28336]: Connection closed by 192.168.1.1 port 53921
Dec 19 22:14:52 unraid sshd[28361]: Connection from 192.168.1.1 port 53989 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28367]: Connection from 192.168.1.1 port 53999 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28371]: Connection from 192.168.1.1 port 54001 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28357]: Connection from 192.168.1.1 port 53983 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28363]: Connection from 192.168.1.1 port 53975 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28366]: Connection from 192.168.1.1 port 53991 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28368]: Connection from 192.168.1.1 port 53985 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28362]: Connection from 192.168.1.1 port 53993 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28370]: Connection from 192.168.1.1 port 53995 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28360]: Connection from 192.168.1.1 port 53973 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28359]: Connection from 192.168.1.1 port 53977 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28352]: Connection from 192.168.1.1 port 53971 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28358]: Connection from 192.168.1.1 port 53981 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28365]: Connection from 192.168.1.1 port 53987 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28364]: Connection from 192.168.1.1 port 53979 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:52 unraid sshd[28369]: Connection from 192.168.1.1 port 53997 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:56 unraid sshd[28361]: Invalid user admin from 192.168.1.1 port 53989
Dec 19 22:14:56 unraid sshd[28361]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:56 unraid sshd[28361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:56 unraid sshd[28371]: Invalid user admin from 192.168.1.1 port 54001
Dec 19 22:14:56 unraid sshd[28371]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:56 unraid sshd[28371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28363]: Invalid user  from 192.168.1.1 port 53975
Dec 19 22:14:57 unraid sshd[28363]: Failed none for invalid user  from 192.168.1.1 port 53975 ssh2
Dec 19 22:14:57 unraid sshd[28368]: Invalid user admin from 192.168.1.1 port 53985
Dec 19 22:14:57 unraid sshd[28358]: Invalid user admin from 192.168.1.1 port 53981
Dec 19 22:14:57 unraid sshd[28363]: Bad packet length 3764872703. [preauth]
Dec 19 22:14:57 unraid sshd[28363]: ssh_dispatch_run_fatal: Connection from invalid user  192.168.1.1 port 53975: message authentication code incorrect [preauth]
Dec 19 22:14:57 unraid sshd[28360]: Invalid user pi from 192.168.1.1 port 53973
Dec 19 22:14:57 unraid sshd[28369]: Invalid user admin from 192.168.1.1 port 53997
Dec 19 22:14:57 unraid sshd[28367]: Invalid user admin from 192.168.1.1 port 53999
Dec 19 22:14:57 unraid sshd[28357]: Invalid user admin from 192.168.1.1 port 53983
Dec 19 22:14:57 unraid sshd[28370]: Invalid user admin from 192.168.1.1 port 53995
Dec 19 22:14:57 unraid sshd[28366]: Invalid user admin from 192.168.1.1 port 53991
Dec 19 22:14:57 unraid sshd[28365]: Invalid user admin from 192.168.1.1 port 53987
Dec 19 22:14:57 unraid sshd[28359]: Invalid user admin from 192.168.1.1 port 53977
Dec 19 22:14:57 unraid sshd[28352]: Invalid user pi from 192.168.1.1 port 53971
Dec 19 22:14:57 unraid sshd[28368]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28733]: Connection from 192.168.1.1 port 54007 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:57 unraid sshd[28358]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28364]: Invalid user admin from 192.168.1.1 port 53979
Dec 19 22:14:57 unraid sshd[28360]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28369]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28367]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28357]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28370]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28366]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28365]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28359]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28352]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28364]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28362]: Invalid user admin from 192.168.1.1 port 53993
Dec 19 22:14:57 unraid sshd[28362]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28733]: Invalid user admin from 192.168.1.1 port 54007
Dec 19 22:14:57 unraid sshd[28733]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:57 unraid sshd[28733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:57 unraid sshd[28361]: Failed password for invalid user admin from 192.168.1.1 port 53989 ssh2
Dec 19 22:14:58 unraid sshd[28371]: Failed password for invalid user admin from 192.168.1.1 port 54001 ssh2
Dec 19 22:14:58 unraid sshd[28361]: Bad packet length 604003085. [preauth]
Dec 19 22:14:58 unraid sshd[28361]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53989: message authentication code incorrect [preauth]
Dec 19 22:14:58 unraid sshd[28772]: Connection from 192.168.1.1 port 54041 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:58 unraid sshd[28772]: Invalid user admin from 192.168.1.1 port 54041
Dec 19 22:14:58 unraid sshd[28772]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:58 unraid sshd[28772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:58 unraid sshd[28371]: Bad packet length 3850756272. [preauth]
Dec 19 22:14:58 unraid sshd[28371]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 54001: message authentication code incorrect [preauth]
Dec 19 22:14:58 unraid sshd[28776]: Connection from 192.168.1.1 port 54043 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:14:58 unraid sshd[28776]: Invalid user admin from 192.168.1.1 port 54043
Dec 19 22:14:58 unraid sshd[28776]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:14:58 unraid sshd[28776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:14:59 unraid sshd[28368]: Failed password for invalid user admin from 192.168.1.1 port 53985 ssh2
Dec 19 22:14:59 unraid sshd[28360]: Failed password for invalid user pi from 192.168.1.1 port 53973 ssh2
Dec 19 22:14:59 unraid sshd[28358]: Failed password for invalid user admin from 192.168.1.1 port 53981 ssh2
Dec 19 22:14:59 unraid sshd[28369]: Failed password for invalid user admin from 192.168.1.1 port 53997 ssh2
Dec 19 22:14:59 unraid sshd[28367]: Failed password for invalid user admin from 192.168.1.1 port 53999 ssh2
Dec 19 22:14:59 unraid sshd[28357]: Failed password for invalid user admin from 192.168.1.1 port 53983 ssh2
Dec 19 22:14:59 unraid sshd[28370]: Failed password for invalid user admin from 192.168.1.1 port 53995 ssh2
Dec 19 22:14:59 unraid sshd[28359]: Failed password for invalid user admin from 192.168.1.1 port 53977 ssh2
Dec 19 22:14:59 unraid sshd[28366]: Failed password for invalid user admin from 192.168.1.1 port 53991 ssh2
Dec 19 22:14:59 unraid sshd[28365]: Failed password for invalid user admin from 192.168.1.1 port 53987 ssh2
Dec 19 22:14:59 unraid sshd[28364]: Failed password for invalid user admin from 192.168.1.1 port 53979 ssh2
Dec 19 22:14:59 unraid sshd[28352]: Failed password for invalid user pi from 192.168.1.1 port 53971 ssh2
Dec 19 22:14:59 unraid sshd[28362]: Failed password for invalid user admin from 192.168.1.1 port 53993 ssh2
Dec 19 22:14:59 unraid sshd[28733]: Failed password for invalid user admin from 192.168.1.1 port 54007 ssh2
Dec 19 22:15:00 unraid sshd[28772]: Failed password for invalid user admin from 192.168.1.1 port 54041 ssh2
Dec 19 22:15:00 unraid sshd[28772]: Bad packet length 4075915883. [preauth]
Dec 19 22:15:00 unraid sshd[28772]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 54041: message authentication code incorrect [preauth]
Dec 19 22:15:00 unraid sshd[3287]: error: beginning MaxStartups throttling
Dec 19 22:15:00 unraid sshd[3287]: drop connection #15 from [192.168.1.1]:54047 on [192.168.1.12]:22 past MaxStartups
Dec 19 22:15:00 unraid sshd[28776]: Failed password for invalid user admin from 192.168.1.1 port 54043 ssh2
Dec 19 22:15:00 unraid sshd[28776]: Bad packet length 921309574. [preauth]
Dec 19 22:15:00 unraid sshd[28776]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 54043: message authentication code incorrect [preauth]
Dec 19 22:15:00 unraid sshd[28815]: Connection from 192.168.1.1 port 54049 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:00 unraid sshd[28352]: Bad packet length 1359432112. [preauth]
Dec 19 22:15:00 unraid sshd[28360]: Bad packet length 1589818681. [preauth]
Dec 19 22:15:00 unraid sshd[28360]: ssh_dispatch_run_fatal: Connection from invalid user pi 192.168.1.1 port 53973: message authentication code incorrect [preauth]
Dec 19 22:15:00 unraid sshd[28352]: ssh_dispatch_run_fatal: Connection from invalid user pi 192.168.1.1 port 53971: message authentication code incorrect [preauth]
Dec 19 22:15:00 unraid sshd[3287]: drop connection #13 from [192.168.1.1]:54053 on [192.168.1.12]:22 past MaxStartups
Dec 19 22:15:00 unraid sshd[28817]: Connection from 192.168.1.1 port 54055 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:01 unraid sshd[28815]: Invalid user admin from 192.168.1.1 port 54049
Dec 19 22:15:01 unraid sshd[28815]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:15:01 unraid sshd[28815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:15:01 unraid sshd[28359]: Bad packet length 1920080390. [preauth]
Dec 19 22:15:01 unraid sshd[28368]: Bad packet length 4184988466. [preauth]
Dec 19 22:15:01 unraid sshd[28368]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53985: message authentication code incorrect [preauth]
Dec 19 22:15:01 unraid sshd[28359]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53977: message authentication code incorrect [preauth]
Dec 19 22:15:01 unraid sshd[28357]: Bad packet length 1795377332. [preauth]
Dec 19 22:15:01 unraid sshd[28357]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53983: message authentication code incorrect [preauth]
Dec 19 22:15:01 unraid sshd[28367]: Bad packet length 1107808729. [preauth]
Dec 19 22:15:01 unraid sshd[28367]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53999: message authentication code incorrect [preauth]
Dec 19 22:15:01 unraid sshd[28365]: Bad packet length 789643454. [preauth]
Dec 19 22:15:01 unraid sshd[28365]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53987: message authentication code incorrect [preauth]
Dec 19 22:15:01 unraid sshd[28366]: Bad packet length 2221404649. [preauth]
Dec 19 22:15:01 unraid sshd[28366]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53991: message authentication code incorrect [preauth]
Dec 19 22:15:01 unraid sshd[28358]: Bad packet length 1974245784. [preauth]
Dec 19 22:15:01 unraid sshd[28358]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53981: message authentication code incorrect [preauth]
Dec 19 22:15:01 unraid sshd[28370]: Bad packet length 1081036157. [preauth]
Dec 19 22:15:01 unraid sshd[28370]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53995: message authentication code incorrect [preauth]
Dec 19 22:15:01 unraid sshd[28369]: Bad packet length 1012252943. [preauth]
Dec 19 22:15:01 unraid sshd[28369]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53997: message authentication code incorrect [preauth]
Dec 19 22:15:01 unraid sshd[3287]: exited MaxStartups throttling after 00:00:01, 2 connections dropped
Dec 19 22:15:01 unraid sshd[28364]: Bad packet length 602478263. [preauth]
Dec 19 22:15:01 unraid sshd[28364]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53979: message authentication code incorrect [preauth]
Dec 19 22:15:01 unraid sshd[28863]: Connection from 192.168.1.1 port 54065 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:01 unraid sshd[28867]: Connection from 192.168.1.1 port 54079 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:01 unraid sshd[28868]: Connection from 192.168.1.1 port 54069 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:01 unraid sshd[28869]: Connection from 192.168.1.1 port 54071 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:01 unraid sshd[28865]: Connection from 192.168.1.1 port 54061 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:01 unraid sshd[28866]: Connection from 192.168.1.1 port 54067 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:01 unraid sshd[28864]: Connection from 192.168.1.1 port 54063 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:01 unraid sshd[28872]: Connection from 192.168.1.1 port 54075 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:01 unraid sshd[28870]: Connection from 192.168.1.1 port 54077 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:01 unraid sshd[28871]: Connection from 192.168.1.1 port 54073 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:01 unraid sshd[28362]: Bad packet length 2295812421. [preauth]
Dec 19 22:15:01 unraid sshd[28362]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53993: message authentication code incorrect [preauth]
Dec 19 22:15:01 unraid sshd[28817]: Invalid user admin from 192.168.1.1 port 54055
Dec 19 22:15:01 unraid sshd[28817]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:15:01 unraid sshd[28817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:15:01 unraid sshd[28885]: Connection from 192.168.1.1 port 54083 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:02 unraid sshd[28733]: Bad packet length 608058997. [preauth]
Dec 19 22:15:02 unraid sshd[28733]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 54007: message authentication code incorrect [preauth]
Dec 19 22:15:02 unraid sshd[28912]: Connection from 192.168.1.1 port 54089 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:03 unraid sshd[28815]: Failed password for invalid user admin from 192.168.1.1 port 54049 ssh2
Dec 19 22:15:03 unraid sshd[28817]: Failed password for invalid user admin from 192.168.1.1 port 54055 ssh2
Dec 19 22:15:04 unraid sshd[28864]: Invalid user vagrant from 192.168.1.1 port 54063
Dec 19 22:15:04 unraid sshd[28864]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:15:04 unraid sshd[28864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:15:04 unraid sshd[28865]: Invalid user admin from 192.168.1.1 port 54061
Dec 19 22:15:04 unraid sshd[28865]: pam_unix(sshd:auth): check pass; user unknown
Dec 19 22:15:04 unraid sshd[28865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 
Dec 19 22:15:04 unraid sshd[28868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1  user=root
Dec 19 22:15:04 unraid sshd[28870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1  user=root
Dec 19 22:15:04 unraid sshd[28867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1  user=root
Dec 19 22:15:04 unraid sshd[28872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1  user=root
Dec 19 22:15:04 unraid sshd[28866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1  user=root
Dec 19 22:15:04 unraid sshd[28863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1  user=root
Dec 19 22:15:04 unraid sshd[28871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1  user=root
Dec 19 22:15:04 unraid sshd[28869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1  user=root
Dec 19 22:15:04 unraid sshd[28885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1  user=root
Dec 19 22:15:04 unraid sshd[28912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1  user=root
Dec 19 22:15:05 unraid sshd[28815]: Bad packet length 1975614561. [preauth]
Dec 19 22:15:05 unraid sshd[28815]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 54049: message authentication code incorrect [preauth]
Dec 19 22:15:05 unraid sshd[29182]: Connection from 192.168.1.1 port 54123 on 192.168.1.12 port 22 rdomain ""
Dec 19 22:15:05 unraid sshd[28817]: Bad packet length 2733480275. [preauth]
Dec 19 22:15:05 unraid sshd[28817]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 54055: message authentication code incorrect [preauth]
Dec 19 22:15:05 unraid sshd[3287]: error: beginning MaxStartups throttling
Dec 19 22:15:05 unraid sshd[3287]: drop connection #13 from [192.168.1.1]:54125 on [192.168.1.12]:22 past MaxStartups
Dec 19 22:15:05 unraid sshd[29182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1  user=root

....
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR guest, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR user, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR 666666, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR guest, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR user, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR user, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR user, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR 888888, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR user, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR mother, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR administrator, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR Administrator, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR tech, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR administrator, Authentication failure
Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR ubnt, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR support, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR info, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR oracle, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR default, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR ftp, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR ftp, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR supervisor, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR Carlisle, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR public, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR admin1, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR security, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR Darlington, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR ghost, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR info, Authentication failure
Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR ftpuser, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR adm, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR julian, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR Kirton, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR mysql, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR git, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR joggler, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR sybase, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR nagios, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR mike, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR 1234, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR cop, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR Aldershot, Authentication failure
Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR backup, Authentication failure
Dec 19 22:15:52 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR nobody, Authentication failure
Dec 19 22:15:52 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR Bedford, Authentication failure

 

  • Like 1
Link to comment
  • 2 weeks later...
6 hours ago, MrGrey said:

Welcome to the real world. So few people even want to look.

 

Mr. Grey

Well, since the OP changed his router and immediately starting seeing login attempts with common users coming FROM THE ROUTER, it's reasonable to assume that the first answer is correct. The OP never answered, so we can only assume the issue was solved, one way or the other.

 

Your answer didn't add anything to the discussion.

  • Thanks 1
  • Haha 1
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.