| unban | # | remove | id | IP | jail | country | rdns | loglines | timestamp | ports | protocol | hostname | failures |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| 40181 | 45.148.10.119 | apache-auth | NL, Netherlands | [Wed Mar 11 07:37:24.367148 2026] [access_compat:error] [pid 3025346:tid 3025448] [client 45.148.10.119:43220] AH01797: client denied by server configuration: /var/www/nextcloud/config/aws.php | 2026-03-11 06:37:25 | ||||||||
| 40180 | 102.244.220.224 | postfix-sasl | CM, Cameroon | 2026-03-11T04:17:19.096759+01:00 server postfix/submission/smtpd[3030608]: warning: unknown[102.244.220.224]: SASL PLAIN authentication failed: (reason unavailable), sasl_username=theo@langstraatonline.nl | 2026-03-11 03:17:22 | ||||||||
| 40179 | 185.177.72.56 | apache-auth | GB, United Kingdom | [Tue Mar 10 15:37:18.252352 2026] [authz_core:error] [pid 2863517:tid 2863591] [client 185.177.72.56:9288] AH01630: client denied by server configuration: /var/www/Pure-FTPd/server-status | 2026-03-10 14:37:23 | ||||||||
| 40173 | 185.177.72.22 | apache-auth | GB, United Kingdom | [Sat Mar 07 11:04:12.967583 2026] [authz_core:error] [pid 2403423:tid 2403472] [client 185.177.72.22:8640] AH01630: client denied by server configuration: /var/www/Pure-FTPd/server-status | 2026-03-07 10:04:20 | ||||||||
| 40170 | 62.60.130.63 | postfix-sasl | IR, Iran, Islamic Republic of | 2026-03-04T22:44:08.453107+01:00 server postfix/smtps/smtpd[1989476]: warning: unknown[62.60.130.63]: SASL LOGIN authentication failed: (reason unavailable), sasl_username=demo1@langstraatonline.nl | 2026-03-04 21:44:09 | ||||||||
| 40158 | 45.91.64.6 | apache-auth | ES, Spain | [Wed Mar 04 17:35:05.166143 2026] [authz_core:error] [pid 1838857:tid 1838955] [client 45.91.64.6:40940] AH01630: client denied by server configuration: /var/www/Pure-FTPd/server-status | 2026-03-04 16:35:06 | ||||||||
| 40140 | 185.177.72.52 | apache-auth | GB, United Kingdom | [Mon Mar 02 01:34:53.889541 2026] [authz_core:error] [pid 1641953:tid 1642047] [client 185.177.72.52:35050] AH01630: client denied by server configuration: /var/www/mail/console | 2026-03-02 00:34:59 | ||||||||
| 39852 | 94.102.49.155 | apache-auth | NL, Netherlands | [Sun Feb 08 08:25:58.719214 2026] [authz_core:error] [pid 1816923:tid 1816997] [client 94.102.49.155:49572] AH01630: client denied by server configuration: /var/www/Pure-FTPd/server-status | 2026-02-08 07:26:00 |
Analyse
Nach drei Tagen wurden 399 SSHD-Angriffe registriert. Dies führte zu einer Änderung der Portnummer. Port 22 ist offenbar bei Hackern sehr beliebt. Interessanterweise entfallen fast die Hälfte der Angriffe auf die USA mit 94 und China mit 86 Angriffen. Russland belegt mit 14 Angriffen den achten Platz.
Apache- und Dovecot-Angriffe wurden in diesem Zeitraum „nur“ 16 bzw. 9 Mal registriert.