Honeypot za balkanske IP adrese
#21
I da dodam izgleda da traži IoT uređaje. Google: "ANKO Products DVR root/anko Mirai".
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply
#22
Detektovan novi uporni 194.152.206.17, zemlja Hrvatska, provajder: Hrvatski Telekom.

Quote:Mar  7 11:25:35 base sshd[16332]: Invalid user nadia from 194.152.206.17 port 45460
Mar  7 11:27:01 base sshd[16428]: Invalid user deqingfu from 194.152.206.17 port 17310
Mar  7 11:28:14 base sshd[16498]: Invalid user mohsen from 194.152.206.17 port 64688
Mar  7 11:29:29 base sshd[16579]: Invalid user monstruola from 194.152.206.17 port 55150
Mar  7 11:30:44 base sshd[16679]: Invalid user maucosta from 194.152.206.17 port 35638

AbuseIPDB: https://www.abuseipdb.com/check/194.152.206.17

[Image: attachment.php?aid=690]


Attached Files Image(s)
   
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply
#23
Prateći tragove iz ove teme (https://www.abuseipdb.com/check-block/79.101.45.94/24) indetifikovao sam IP (79.101.45.94) koja je prilično aktivna sa malicioznim aktivnostima. Provajder Telekom, uređaj Mikrotik (https://www.shodan.io/host/79.101.45.94).

[Image: attachment.php?aid=726]


Attached Files Image(s)
   
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply
#24
Prateći tragove iz ove teme indetifikovao sam IP (212.57.43.75) koja je prilično aktivna sa malicioznim aktivnostima. Provajder Astra Telekom / Telekom Srbija, uređaj najverovatnje Mikrotik (https://www.shodan.io/host/212.57.43.75).

AbuseIPDB: https://www.abuseipdb.com/check/212.57.43.75

[Image: attachment.php?aid=727]


Attached Files Image(s)
   
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply
#25
Prateći tragove iz ove teme indetifikovao sam IP (95.140.126.82) koja je prilično aktivna sa malicioznim aktivnostima. Provajder Orion Telekom.

AbuseIPDB: https://www.abuseipdb.com/check/95.140.126.82

[Image: attachment.php?aid=728]


Attached Files Image(s)
   
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply
#26
Evo još jednog upornog sa napadima, IP: 194.152.206.17, zemlja Hrvatska, provajder Hrvatski Telekom: https://www.abuseipdb.com/check/194.152.206.17.

Quote:Mar 21 06:37:18 base sshd[15493]: Invalid user timofej from 194.152.206.17 port 58381
Mar 21 06:40:11 base sshd[16267]: Invalid user gabdul from 194.152.206.17 port 48215
Mar 21 06:41:22 base sshd[16331]: Invalid user sakhab from 194.152.206.17 port 40053
Mar 21 06:42:34 base sshd[16368]: Invalid user marya from 194.152.206.17 port 33476
Mar 21 06:43:46 base sshd[16491]: Invalid user adelzyan from 194.152.206.17 port 43891
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply
#27
Evo još jednog upornog sa napadima, IP: 194.152.214.252 zemlja Hrvatska, provajder Hrvatski Telekom: https://www.abuseipdb.com/check/194.152.214.252

Quote:Apr  1 00:11:02 base sshd[26869]: Invalid user remote from 194.152.214.252 port 37809
Apr  1 00:15:20 base sshd[27017]: Invalid user redmine from 194.152.214.252 port 44865
Apr  1 00:17:47 base sshd[27138]: Invalid user pluto from 194.152.214.252 port 27557
Apr  1 00:20:06 base sshd[27269]: Invalid user hadoop from 194.152.214.252 port 31241
Apr  1 00:22:21 base sshd[27384]: Invalid user jeffrey from 194.152.214.252 port 48876
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply
#28
SMB CRAWLER: https://viz.greynoise.io/ip/79.101.33.190, Provider: TELEKOM SRBIJA (79-101-33-190.static.isp.telekom.rs).
AbuseIPDB: https://www.abuseipdb.com/check/79.101.33.190.


Attached Files Image(s)
   
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply
#29
MIRAI, IP: 93.87.46.178, Provajder: Telekom Srbija

https://viz.greynoise.io/ip/93.87.46.178
https://threatbook.io/ip/93.87.46.178
https://www.abuseipdb.com/check/93.87.46.178


Attached Files Image(s)
   
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply
#30
Scanner: 93.87.59.88, provajder Telekom Srbija. SUR ELITE, Kladovo je vlasnik IP adrese. 

https://www.abuseipdb.com/check/93.87.59.88
https://threatbook.io/ip/93.87.59.88
https://viz.greynoise.io/ip/93.87.59.88
https://www.shodan.io/host/93.87.59.88
https://whois.domaintools.com/93.87.59.88

   
“If you think you are too small to make a difference, try sleeping with a mosquito.” - Dalai Lama XIV
Reply


Forum Jump:


Users browsing this thread: 3 Guest(s)