Pmarszal Posted December 20, 2021 Share Posted December 20, 2021 Hello, Newb here needing answers! I recently changed my router and same day noticed the following: What is going on? Attempt at a hack? What are the proper steps to secure my network? I turned off SSH and TELNET. HELP! Dec 19 22:14:52 unraid sshd[28336]: Connection from 192.168.1.1 port 53921 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid vsftpd[28335]: connect from 192.168.1.1 (192.168.1.1) Dec 19 22:14:52 unraid in.telnetd[28334]: connect from 192.168.1.1 (192.168.1.1) Dec 19 22:14:52 unraid sshd[28336]: error: kex_exchange_identification: Connection closed by remote host Dec 19 22:14:52 unraid sshd[28336]: Connection closed by 192.168.1.1 port 53921 Dec 19 22:14:52 unraid sshd[28361]: Connection from 192.168.1.1 port 53989 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28367]: Connection from 192.168.1.1 port 53999 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28371]: Connection from 192.168.1.1 port 54001 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28357]: Connection from 192.168.1.1 port 53983 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28363]: Connection from 192.168.1.1 port 53975 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28366]: Connection from 192.168.1.1 port 53991 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28368]: Connection from 192.168.1.1 port 53985 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28362]: Connection from 192.168.1.1 port 53993 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28370]: Connection from 192.168.1.1 port 53995 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28360]: Connection from 192.168.1.1 port 53973 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28359]: Connection from 192.168.1.1 port 53977 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28352]: Connection from 192.168.1.1 port 53971 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28358]: Connection from 192.168.1.1 port 53981 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28365]: Connection from 192.168.1.1 port 53987 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28364]: Connection from 192.168.1.1 port 53979 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:52 unraid sshd[28369]: Connection from 192.168.1.1 port 53997 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:56 unraid sshd[28361]: Invalid user admin from 192.168.1.1 port 53989 Dec 19 22:14:56 unraid sshd[28361]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:56 unraid sshd[28361]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:56 unraid sshd[28371]: Invalid user admin from 192.168.1.1 port 54001 Dec 19 22:14:56 unraid sshd[28371]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:56 unraid sshd[28371]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28363]: Invalid user from 192.168.1.1 port 53975 Dec 19 22:14:57 unraid sshd[28363]: Failed none for invalid user from 192.168.1.1 port 53975 ssh2 Dec 19 22:14:57 unraid sshd[28368]: Invalid user admin from 192.168.1.1 port 53985 Dec 19 22:14:57 unraid sshd[28358]: Invalid user admin from 192.168.1.1 port 53981 Dec 19 22:14:57 unraid sshd[28363]: Bad packet length 3764872703. [preauth] Dec 19 22:14:57 unraid sshd[28363]: ssh_dispatch_run_fatal: Connection from invalid user 192.168.1.1 port 53975: message authentication code incorrect [preauth] Dec 19 22:14:57 unraid sshd[28360]: Invalid user pi from 192.168.1.1 port 53973 Dec 19 22:14:57 unraid sshd[28369]: Invalid user admin from 192.168.1.1 port 53997 Dec 19 22:14:57 unraid sshd[28367]: Invalid user admin from 192.168.1.1 port 53999 Dec 19 22:14:57 unraid sshd[28357]: Invalid user admin from 192.168.1.1 port 53983 Dec 19 22:14:57 unraid sshd[28370]: Invalid user admin from 192.168.1.1 port 53995 Dec 19 22:14:57 unraid sshd[28366]: Invalid user admin from 192.168.1.1 port 53991 Dec 19 22:14:57 unraid sshd[28365]: Invalid user admin from 192.168.1.1 port 53987 Dec 19 22:14:57 unraid sshd[28359]: Invalid user admin from 192.168.1.1 port 53977 Dec 19 22:14:57 unraid sshd[28352]: Invalid user pi from 192.168.1.1 port 53971 Dec 19 22:14:57 unraid sshd[28368]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28368]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28733]: Connection from 192.168.1.1 port 54007 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:57 unraid sshd[28358]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28358]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28364]: Invalid user admin from 192.168.1.1 port 53979 Dec 19 22:14:57 unraid sshd[28360]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28360]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28369]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28369]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28367]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28367]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28357]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28370]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28370]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28366]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28366]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28365]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28365]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28359]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28359]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28352]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28352]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28364]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28364]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28362]: Invalid user admin from 192.168.1.1 port 53993 Dec 19 22:14:57 unraid sshd[28362]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28362]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28733]: Invalid user admin from 192.168.1.1 port 54007 Dec 19 22:14:57 unraid sshd[28733]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:57 unraid sshd[28733]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:57 unraid sshd[28361]: Failed password for invalid user admin from 192.168.1.1 port 53989 ssh2 Dec 19 22:14:58 unraid sshd[28371]: Failed password for invalid user admin from 192.168.1.1 port 54001 ssh2 Dec 19 22:14:58 unraid sshd[28361]: Bad packet length 604003085. [preauth] Dec 19 22:14:58 unraid sshd[28361]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53989: message authentication code incorrect [preauth] Dec 19 22:14:58 unraid sshd[28772]: Connection from 192.168.1.1 port 54041 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:58 unraid sshd[28772]: Invalid user admin from 192.168.1.1 port 54041 Dec 19 22:14:58 unraid sshd[28772]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:58 unraid sshd[28772]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:58 unraid sshd[28371]: Bad packet length 3850756272. [preauth] Dec 19 22:14:58 unraid sshd[28371]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 54001: message authentication code incorrect [preauth] Dec 19 22:14:58 unraid sshd[28776]: Connection from 192.168.1.1 port 54043 on 192.168.1.12 port 22 rdomain "" Dec 19 22:14:58 unraid sshd[28776]: Invalid user admin from 192.168.1.1 port 54043 Dec 19 22:14:58 unraid sshd[28776]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:14:58 unraid sshd[28776]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:14:59 unraid sshd[28368]: Failed password for invalid user admin from 192.168.1.1 port 53985 ssh2 Dec 19 22:14:59 unraid sshd[28360]: Failed password for invalid user pi from 192.168.1.1 port 53973 ssh2 Dec 19 22:14:59 unraid sshd[28358]: Failed password for invalid user admin from 192.168.1.1 port 53981 ssh2 Dec 19 22:14:59 unraid sshd[28369]: Failed password for invalid user admin from 192.168.1.1 port 53997 ssh2 Dec 19 22:14:59 unraid sshd[28367]: Failed password for invalid user admin from 192.168.1.1 port 53999 ssh2 Dec 19 22:14:59 unraid sshd[28357]: Failed password for invalid user admin from 192.168.1.1 port 53983 ssh2 Dec 19 22:14:59 unraid sshd[28370]: Failed password for invalid user admin from 192.168.1.1 port 53995 ssh2 Dec 19 22:14:59 unraid sshd[28359]: Failed password for invalid user admin from 192.168.1.1 port 53977 ssh2 Dec 19 22:14:59 unraid sshd[28366]: Failed password for invalid user admin from 192.168.1.1 port 53991 ssh2 Dec 19 22:14:59 unraid sshd[28365]: Failed password for invalid user admin from 192.168.1.1 port 53987 ssh2 Dec 19 22:14:59 unraid sshd[28364]: Failed password for invalid user admin from 192.168.1.1 port 53979 ssh2 Dec 19 22:14:59 unraid sshd[28352]: Failed password for invalid user pi from 192.168.1.1 port 53971 ssh2 Dec 19 22:14:59 unraid sshd[28362]: Failed password for invalid user admin from 192.168.1.1 port 53993 ssh2 Dec 19 22:14:59 unraid sshd[28733]: Failed password for invalid user admin from 192.168.1.1 port 54007 ssh2 Dec 19 22:15:00 unraid sshd[28772]: Failed password for invalid user admin from 192.168.1.1 port 54041 ssh2 Dec 19 22:15:00 unraid sshd[28772]: Bad packet length 4075915883. [preauth] Dec 19 22:15:00 unraid sshd[28772]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 54041: message authentication code incorrect [preauth] Dec 19 22:15:00 unraid sshd[3287]: error: beginning MaxStartups throttling Dec 19 22:15:00 unraid sshd[3287]: drop connection #15 from [192.168.1.1]:54047 on [192.168.1.12]:22 past MaxStartups Dec 19 22:15:00 unraid sshd[28776]: Failed password for invalid user admin from 192.168.1.1 port 54043 ssh2 Dec 19 22:15:00 unraid sshd[28776]: Bad packet length 921309574. [preauth] Dec 19 22:15:00 unraid sshd[28776]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 54043: message authentication code incorrect [preauth] Dec 19 22:15:00 unraid sshd[28815]: Connection from 192.168.1.1 port 54049 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:00 unraid sshd[28352]: Bad packet length 1359432112. [preauth] Dec 19 22:15:00 unraid sshd[28360]: Bad packet length 1589818681. [preauth] Dec 19 22:15:00 unraid sshd[28360]: ssh_dispatch_run_fatal: Connection from invalid user pi 192.168.1.1 port 53973: message authentication code incorrect [preauth] Dec 19 22:15:00 unraid sshd[28352]: ssh_dispatch_run_fatal: Connection from invalid user pi 192.168.1.1 port 53971: message authentication code incorrect [preauth] Dec 19 22:15:00 unraid sshd[3287]: drop connection #13 from [192.168.1.1]:54053 on [192.168.1.12]:22 past MaxStartups Dec 19 22:15:00 unraid sshd[28817]: Connection from 192.168.1.1 port 54055 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:01 unraid sshd[28815]: Invalid user admin from 192.168.1.1 port 54049 Dec 19 22:15:01 unraid sshd[28815]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:15:01 unraid sshd[28815]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:15:01 unraid sshd[28359]: Bad packet length 1920080390. [preauth] Dec 19 22:15:01 unraid sshd[28368]: Bad packet length 4184988466. [preauth] Dec 19 22:15:01 unraid sshd[28368]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53985: message authentication code incorrect [preauth] Dec 19 22:15:01 unraid sshd[28359]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53977: message authentication code incorrect [preauth] Dec 19 22:15:01 unraid sshd[28357]: Bad packet length 1795377332. [preauth] Dec 19 22:15:01 unraid sshd[28357]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53983: message authentication code incorrect [preauth] Dec 19 22:15:01 unraid sshd[28367]: Bad packet length 1107808729. [preauth] Dec 19 22:15:01 unraid sshd[28367]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53999: message authentication code incorrect [preauth] Dec 19 22:15:01 unraid sshd[28365]: Bad packet length 789643454. [preauth] Dec 19 22:15:01 unraid sshd[28365]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53987: message authentication code incorrect [preauth] Dec 19 22:15:01 unraid sshd[28366]: Bad packet length 2221404649. [preauth] Dec 19 22:15:01 unraid sshd[28366]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53991: message authentication code incorrect [preauth] Dec 19 22:15:01 unraid sshd[28358]: Bad packet length 1974245784. [preauth] Dec 19 22:15:01 unraid sshd[28358]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53981: message authentication code incorrect [preauth] Dec 19 22:15:01 unraid sshd[28370]: Bad packet length 1081036157. [preauth] Dec 19 22:15:01 unraid sshd[28370]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53995: message authentication code incorrect [preauth] Dec 19 22:15:01 unraid sshd[28369]: Bad packet length 1012252943. [preauth] Dec 19 22:15:01 unraid sshd[28369]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53997: message authentication code incorrect [preauth] Dec 19 22:15:01 unraid sshd[3287]: exited MaxStartups throttling after 00:00:01, 2 connections dropped Dec 19 22:15:01 unraid sshd[28364]: Bad packet length 602478263. [preauth] Dec 19 22:15:01 unraid sshd[28364]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53979: message authentication code incorrect [preauth] Dec 19 22:15:01 unraid sshd[28863]: Connection from 192.168.1.1 port 54065 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:01 unraid sshd[28867]: Connection from 192.168.1.1 port 54079 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:01 unraid sshd[28868]: Connection from 192.168.1.1 port 54069 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:01 unraid sshd[28869]: Connection from 192.168.1.1 port 54071 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:01 unraid sshd[28865]: Connection from 192.168.1.1 port 54061 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:01 unraid sshd[28866]: Connection from 192.168.1.1 port 54067 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:01 unraid sshd[28864]: Connection from 192.168.1.1 port 54063 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:01 unraid sshd[28872]: Connection from 192.168.1.1 port 54075 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:01 unraid sshd[28870]: Connection from 192.168.1.1 port 54077 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:01 unraid sshd[28871]: Connection from 192.168.1.1 port 54073 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:01 unraid sshd[28362]: Bad packet length 2295812421. [preauth] Dec 19 22:15:01 unraid sshd[28362]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 53993: message authentication code incorrect [preauth] Dec 19 22:15:01 unraid sshd[28817]: Invalid user admin from 192.168.1.1 port 54055 Dec 19 22:15:01 unraid sshd[28817]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:15:01 unraid sshd[28817]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:15:01 unraid sshd[28885]: Connection from 192.168.1.1 port 54083 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:02 unraid sshd[28733]: Bad packet length 608058997. [preauth] Dec 19 22:15:02 unraid sshd[28733]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 54007: message authentication code incorrect [preauth] Dec 19 22:15:02 unraid sshd[28912]: Connection from 192.168.1.1 port 54089 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:03 unraid sshd[28815]: Failed password for invalid user admin from 192.168.1.1 port 54049 ssh2 Dec 19 22:15:03 unraid sshd[28817]: Failed password for invalid user admin from 192.168.1.1 port 54055 ssh2 Dec 19 22:15:04 unraid sshd[28864]: Invalid user vagrant from 192.168.1.1 port 54063 Dec 19 22:15:04 unraid sshd[28864]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:15:04 unraid sshd[28864]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:15:04 unraid sshd[28865]: Invalid user admin from 192.168.1.1 port 54061 Dec 19 22:15:04 unraid sshd[28865]: pam_unix(sshd:auth): check pass; user unknown Dec 19 22:15:04 unraid sshd[28865]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 Dec 19 22:15:04 unraid sshd[28868]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 user=root Dec 19 22:15:04 unraid sshd[28870]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 user=root Dec 19 22:15:04 unraid sshd[28867]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 user=root Dec 19 22:15:04 unraid sshd[28872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 user=root Dec 19 22:15:04 unraid sshd[28866]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 user=root Dec 19 22:15:04 unraid sshd[28863]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 user=root Dec 19 22:15:04 unraid sshd[28871]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 user=root Dec 19 22:15:04 unraid sshd[28869]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 user=root Dec 19 22:15:04 unraid sshd[28885]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 user=root Dec 19 22:15:04 unraid sshd[28912]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 user=root Dec 19 22:15:05 unraid sshd[28815]: Bad packet length 1975614561. [preauth] Dec 19 22:15:05 unraid sshd[28815]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 54049: message authentication code incorrect [preauth] Dec 19 22:15:05 unraid sshd[29182]: Connection from 192.168.1.1 port 54123 on 192.168.1.12 port 22 rdomain "" Dec 19 22:15:05 unraid sshd[28817]: Bad packet length 2733480275. [preauth] Dec 19 22:15:05 unraid sshd[28817]: ssh_dispatch_run_fatal: Connection from invalid user admin 192.168.1.1 port 54055: message authentication code incorrect [preauth] Dec 19 22:15:05 unraid sshd[3287]: error: beginning MaxStartups throttling Dec 19 22:15:05 unraid sshd[3287]: drop connection #13 from [192.168.1.1]:54125 on [192.168.1.12]:22 past MaxStartups Dec 19 22:15:05 unraid sshd[29182]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=192.168.1.1 user=root .... Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR guest, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR user, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR 666666, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR guest, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR user, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR user, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR user, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR 888888, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR user, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR mother, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR administrator, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR Administrator, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR tech, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR administrator, Authentication failure Dec 19 22:15:37 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR ubnt, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR support, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR info, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR oracle, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR default, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR ftp, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR ftp, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR supervisor, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR Carlisle, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR public, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR admin1, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR security, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR Darlington, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR ghost, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR info, Authentication failure Dec 19 22:15:44 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR ftpuser, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR adm, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR julian, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR Kirton, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR mysql, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR git, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR joggler, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR sybase, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR nagios, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR mike, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR 1234, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR cop, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR Aldershot, Authentication failure Dec 19 22:15:51 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR backup, Authentication failure Dec 19 22:15:52 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR nobody, Authentication failure Dec 19 22:15:52 unraid login: FAILED LOGIN 1 FROM 192.168.1.1 FOR Bedford, Authentication failure 1 Quote Link to comment
ConnerVT Posted December 21, 2021 Share Posted December 21, 2021 New Netgear router? May be Netgear Armor scanning your network. 1 Quote Link to comment
MrGrey Posted December 31, 2021 Share Posted December 31, 2021 Welcome to the real world. So few people even want to look. Mr. Grey Quote Link to comment
JonathanM Posted December 31, 2021 Share Posted December 31, 2021 6 hours ago, MrGrey said: Welcome to the real world. So few people even want to look. Mr. Grey Well, since the OP changed his router and immediately starting seeing login attempts with common users coming FROM THE ROUTER, it's reasonable to assume that the first answer is correct. The OP never answered, so we can only assume the issue was solved, one way or the other. Your answer didn't add anything to the discussion. 1 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.