Yesterday came another round of break-in attempts (all from the same person). Reported to the FBI:
elsmar.com login failures:
Sep 15 17:04:38 elsmar proftpd[24255]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:04:49 elsmar proftpd[24311]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:05:04 elsmar proftpd[24419]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:05:10 elsmar proftpd[24716]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:05:25 elsmar proftpd[24791]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:05:37 elsmar proftpd[24936]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:05:40 elsmar proftpd[24954]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:05:52 elsmar proftpd[25067]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:06:24 elsmar proftpd[25324]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:06:29 elsmar proftpd[25346]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:06:42 elsmar proftpd[25404]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:06:51 elsmar proftpd[25521]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:06:53 elsmar proftpd[25545]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:03 elsmar proftpd[25605]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:07 elsmar proftpd[25668]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:18 elsmar proftpd[25711]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:22 elsmar proftpd[25762]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:27 elsmar proftpd[25836]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:33 elsmar proftpd[25868]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:38 elsmar proftpd[25909]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:55 elsmar proftpd[26003]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:08:01 elsmar proftpd[26147]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
-- End of security output --
Identified as:
domain: qsc.de
descr: QSC AG
descr: Mathias-Brueggen-Str. 55
descr: D-50829 Koeln
descr: Germany
nserver: ns01.qsc.de 213.148.129.11
nserver: ns02.qsc.de 213.148.130.11
status: connect
changed: 20030210 165502
source: DENIC
[admin-c]
Type: PERSON
Name: Christian Ebert
Address: QSC AG
Address: Mathias-Brueggen-Str. 55
City: Koeln
Pcode: 50829
Country: DE
Changed: 20020228 093428
Source: DENIC
[tech-c][zone-c]
Type: ROLE
Name: QSC Hostmaster
Address: QSC AG
Address: Mathias-Brueggen-Str. 55
City: Koeln
Pcode: 50829
Country: DE
Phone: +49 221 66 98 000
Fax: +49 221 66 98 009
Email: [email protected]
Changed: 20020228 094104
Source: DENIC
elsmar.com login failures:
Sep 15 17:04:38 elsmar proftpd[24255]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:04:49 elsmar proftpd[24311]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:05:04 elsmar proftpd[24419]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:05:10 elsmar proftpd[24716]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:05:25 elsmar proftpd[24791]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:05:37 elsmar proftpd[24936]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:05:40 elsmar proftpd[24954]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:05:52 elsmar proftpd[25067]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:06:24 elsmar proftpd[25324]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:06:29 elsmar proftpd[25346]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:06:42 elsmar proftpd[25404]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:06:51 elsmar proftpd[25521]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:06:53 elsmar proftpd[25545]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:03 elsmar proftpd[25605]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:07 elsmar proftpd[25668]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:18 elsmar proftpd[25711]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:22 elsmar proftpd[25762]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:27 elsmar proftpd[25836]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:33 elsmar proftpd[25868]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:38 elsmar proftpd[25909]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:07:55 elsmar proftpd[26003]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
Sep 15 17:08:01 elsmar proftpd[26147]: elsmar.com (212.202.36.38[212.202.36.38]) - USER www (Login failed): Incorrect password.
-- End of security output --
Identified as:
domain: qsc.de
descr: QSC AG
descr: Mathias-Brueggen-Str. 55
descr: D-50829 Koeln
descr: Germany
nserver: ns01.qsc.de 213.148.129.11
nserver: ns02.qsc.de 213.148.130.11
status: connect
changed: 20030210 165502
source: DENIC
[admin-c]
Type: PERSON
Name: Christian Ebert
Address: QSC AG
Address: Mathias-Brueggen-Str. 55
City: Koeln
Pcode: 50829
Country: DE
Changed: 20020228 093428
Source: DENIC
[tech-c][zone-c]
Type: ROLE
Name: QSC Hostmaster
Address: QSC AG
Address: Mathias-Brueggen-Str. 55
City: Koeln
Pcode: 50829
Country: DE
Phone: +49 221 66 98 000
Fax: +49 221 66 98 009
Email: [email protected]
Changed: 20020228 094104
Source: DENIC