Some-one keeps on trying to enter my server for a couple of days now. I can't find any info on this IP address. He is scanning all my ports for 2 days now. Anything I can do about this?
Failed password for illegal user test from 218.111.85.10 port 53829 ssh2 (this goes on an on for many more portscans. about 6 pages logfile)
Failed password for root from 218.111.85.10 port 55035 ssh2 (also many pages in logfile on different ports)
Or is this "normal" and shouldn't I worry about that?
Hi,
218.111.85.10 (Reverse lookup failed) : whois.apnic.net
% [whois.apnic.net node-2]
% Whois data copyright terms
http://www.apnic.net/db/dbcopyright.htmlinetnum: 218.111.0.0 - 218.111.255.255
netname: XDSLSTREAMYX
descr: Telekom Malaysia Berhad
descr: Network Strategy
descr: 5th Floor, North Wing
descr: Menara Telekom
descr: Jalan Pantai Baru
descr: 50672 Kuala Lumpur
country: MY
admin-c: DA5-AP
tech-c: NA16-AP
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: MAINT-AP-STREAMYX
changed: hm-changed@apnic.net 20031112
source: APNIC
person: Darmataksiah Abai
nic-hdl: DA5-AP
e-mail: darma@telekom.com.my
address: Telekom Malaysia Berhad
address: Network Strategy
address: 5th Floor, North Wing
address: Menara Telekom
address: Jalan Pantai Baru
address: 50672 Kuala Lumpur
phone: +603-2240-7307
fax-no: +603-7958-2034
country: MY
mnt-by: MAINT-AP-STREAMYX
changed: hm-changed@apnic.net 20031112
source: APNIC
person: Napizah Alang Jaafar
nic-hdl: NA16-AP
e-mail: napizah@telekom.com.my
address: Telekom Malaysia Berhad
address: Network Strategy
address: 5th Floor, North Wing
address: Menara Telekom
address: Jalan Pantai Baru
address: 50672 Kuala Lumpur
phone: +603-2240-7327
fax-no: +603-7958-2034
country: MY
mnt-by: MAINT-AP-STREAMYX
changed: hm-changed@apnic.net 20031112
source: APNIC