Tag Archives: 220.177.198.31

[Fail2Ban] ssh: banned 220.177.198.31

Hi,

The IP 220.177.198.31 has just been banned by Fail2Ban after
6 attempts against ssh.

Here are more information about 220.177.198.31:

% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to ‘220.175.0.0 – 220.177.255.255’

inetnum: 220.175.0.0 – 220.177.255.255
netname: CHINANET-JX
descr: CHINANET jiangxi province network
descr: China Telecom
descr: No.31,jingrong street
descr: Beijing 100032
country: CN
admin-c: CH93-AP
tech-c: XY1-AP
mnt-by: MAINT-CHINANET
mnt-lower: MAINT-IP-WWF
changed: hostmaster@ns.chinanet.cn.net 20030516
status: ALLOCATED NON-PORTABLE
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
changed: zhengzm@gsta.com 20140227
mnt-by: MAINT-CHINANET
source: APNIC

person: Xu Yongzhong
address: Data Communication Bireau
address: Ministry of Posts and Telecommunications
address: A12 Xin-jie-kou-wai Street
address: Beijing 100088
country: CN
phone: +86-10-62053991
fax-no: +86-10-62053995
e-mail: yzxu@publicf.bta.net.cn
nic-hdl: XY1-AP
mnt-by: MAINT-NULL
changed: hostmaster@apnic.net 19960319
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS1)

Lines containing IP:220.177.198.31 in /var/log/auth.log

Apr 29 16:29:07 vps3 sshd[29621]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.177.198.31 user=root
Apr 29 16:29:10 vps3 sshd[29621]: Failed password for root from 220.177.198.31 port 43485 ssh2
Apr 29 16:29:10 vps3 sshd[29621]: Received disconnect from 220.177.198.31: 11: Bye Bye [preauth]
Apr 29 16:29:13 vps3 sshd[29623]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.177.198.31 user=root
Apr 29 16:29:16 vps3 sshd[29623]: Failed password for root from 220.177.198.31 port 45962 ssh2
Apr 29 16:29:16 vps3 sshd[29623]: Received disconnect from 220.177.198.31: 11: Bye Bye [preauth]
Apr 29 16:29:20 vps3 sshd[29626]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.177.198.31 user=root
Apr 29 16:29:21 vps3 sshd[29626]: Failed password for root from 220.177.198.31 port 48807 ssh2
Apr 29 16:29:22 vps3 sshd[29626]: Received disconnect from 220.177.198.31: 11: Bye Bye [preauth]
Apr 29 16:29:25 vps3 sshd[29628]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.177.198.31 user=root
Apr 29 16:29:28 vps3 sshd[29628]: Failed password for root from 220.177.198.31 port 51296 ssh2
Apr 29 16:29:28 vps3 sshd[29628]: Received disconnect from 220.177.198.31: 11: Bye Bye [preauth]
Apr 29 16:29:32 vps3 sshd[29630]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.177.198.31 user=root
Apr 29 16:29:34 vps3 sshd[29630]: Failed password for root from 220.177.198.31 port 54163 ssh2
Apr 29 16:29:35 vps3 sshd[29630]: Received disconnect from 220.177.198.31: 11: Bye Bye [preauth]
Apr 29 16:29:39 vps3 sshd[29632]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.177.198.31 user=root
Apr 29 16:29:41 vps3 sshd[29632]: Failed password for root from 220.177.198.31 port 57288 ssh2
Apr 29 16:29:42 vps3 sshd[29632]: Received disconnect from 220.177.198.31: 11: Bye Bye [preauth]