Tag Archives: 60.173.26.69

[Fail2Ban] ssh: banned 60.173.26.69

Hi,

The IP 60.173.26.69 has just been banned by Fail2Ban after
6 attempts against ssh.

Here are more information about 60.173.26.69:

% [whois.apnic.net]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html

% Information related to ‘60.166.0.0 – 60.175.255.255’

inetnum: 60.166.0.0 – 60.175.255.255
netname: CHINANET-AH
descr: CHINANET anhui province network
descr: China Telecom
descr: A12,Xin-Jie-Kou-Wai Street
descr: Beijing 100088
country: CN
admin-c: CH93-AP
tech-c: JW89-AP
mnt-by: APNIC-HM
mnt-routes: MAINT-CHINANET-AH
mnt-lower: MAINT-CHINANET-AH
status: ALLOCATED PORTABLE
changed: hm-changed@apnic.net 20040721
source: APNIC

person: Chinanet Hostmaster
nic-hdl: CH93-AP
e-mail: anti-spam@ns.chinanet.cn.net
address: No.31 ,jingrong street,beijing
address: 100032
phone: +86-10-58501724
fax-no: +86-10-58501724
country: CN
changed: dingsy@cndata.com 20070416
changed: zhengzm@gsta.com 20140227
mnt-by: MAINT-CHINANET
source: APNIC

person: Jinneng Wang
address: 17/F, Postal Building No.120 Changjiang
address: Middle Road, Hefei, Anhui, China
country: CN
phone: +86-551-2659073
fax-no: +86-551-2659287
e-mail: ahdata@189.cn
nic-hdl: JW89-AP
mnt-by: MAINT-CHINANET-AH
changed: wang@mail.hf.ah.cninfo.net 19990818
changed: hm-changed@apnic.net 20140221
source: APNIC

% This query was served by the APNIC Whois Service version 1.69.1-APNICv1r0 (WHOIS2)

Lines containing IP:60.173.26.69 in /var/log/auth.log

Apr 25 19:31:41 vps3 sshd[11271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.173.26.69 user=root
Apr 25 19:31:43 vps3 sshd[11271]: Failed password for root from 60.173.26.69 port 13398 ssh2
Apr 25 19:31:43 vps3 sshd[11271]: Received disconnect from 60.173.26.69: 11: Normal Shutdown, Thank you for playing [preauth]
Apr 25 19:31:45 vps3 sshd[11273]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.173.26.69 user=root
Apr 25 19:31:46 vps3 sshd[11273]: Failed password for root from 60.173.26.69 port 14250 ssh2
Apr 25 19:31:46 vps3 sshd[11273]: Received disconnect from 60.173.26.69: 11: Normal Shutdown, Thank you for playing [preauth]
Apr 25 19:31:48 vps3 sshd[11275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.173.26.69 user=root
Apr 25 19:31:50 vps3 sshd[11275]: Failed password for root from 60.173.26.69 port 15008 ssh2
Apr 25 19:31:50 vps3 sshd[11275]: Received disconnect from 60.173.26.69: 11: Normal Shutdown, Thank you for playing [preauth]
Apr 25 19:31:52 vps3 sshd[11277]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.173.26.69 user=root
Apr 25 19:31:54 vps3 sshd[11277]: Failed password for root from 60.173.26.69 port 15848 ssh2
Apr 25 19:31:54 vps3 sshd[11277]: Received disconnect from 60.173.26.69: 11: Normal Shutdown, Thank you for playing [preauth]
Apr 25 19:31:56 vps3 sshd[11280]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.173.26.69 user=root
Apr 25 19:31:58 vps3 sshd[11280]: Failed password for root from 60.173.26.69 port 16657 ssh2
Apr 25 19:31:58 vps3 sshd[11280]: Received disconnect from 60.173.26.69: 11: Normal Shutdown, Thank you for playing [preauth]
Apr 25 19:32:00 vps3 sshd[11282]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.173.26.69 user=root
Apr 25 19:32:01 vps3 sshd[11282]: Failed password for root from 60.173.26.69 port 17537 ssh2
Apr 25 19:32:02 vps3 sshd[11282]: Received disconnect from 60.173.26.69: 11: Normal Shutdown, Thank you for playing [preauth]
Apr 25 19:32:03 vps3 sshd[11284]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=60.173.26.69 user=root