IAAI
Very Senior Member
I have AC68U - Running Merlin's 42-2
I was working on the internet and suddenly got disconnected from 5GHz WiFi Switched to 2GHz and logged in to check log and found this :
I was running Chinese iPhone app called iTools from my computer (Copying Music)
http://www.itools.cn/multi_lang_pc_download.htm
restarted the router + Closed the app and still getting these attacks
Tracked the IP's , they come from the same location in China
"31 May 2014
116.10.191.216
116.10.191.173
ISP: China Telecom Guangxi
Nanning, Guangxi (16), China
Lat: 22.8167
Lon: 108.3167"
I was working on the internet and suddenly got disconnected from 5GHz WiFi Switched to 2GHz and logged in to check log and found this :
Code:
May 31 05:08:19 crond[546]: time disparity of 1794848 minutes detected
May 31 05:08:30 dropbear[787]: Child connection from 116.10.191.173:20146
May 31 05:08:32 dropbear[787]: Login attempt for nonexistent user from 116.10.191.173:20146
May 31 05:08:33 dropbear[787]: Login attempt for nonexistent user from 116.10.191.173:20146
May 31 05:08:33 dropbear[787]: Login attempt for nonexistent user from 116.10.191.173:20146
May 31 05:08:34 dropbear[787]: Login attempt for nonexistent user from 116.10.191.173:20146
May 31 05:08:34 dropbear[787]: Login attempt for nonexistent user from 116.10.191.173:20146
May 31 05:08:35 dropbear[787]: Login attempt for nonexistent user from 116.10.191.173:20146
May 31 05:08:36 dropbear[787]: Login attempt for nonexistent user from 116.10.191.173:20146
May 31 05:08:37 dropbear[787]: Login attempt for nonexistent user from 116.10.191.173:20146
May 31 05:08:38 dropbear[787]: Login attempt for nonexistent user from 116.10.191.173:20146
May 31 05:08:39 dropbear[787]: Login attempt for nonexistent user from 116.10.191.173:20146
May 31 05:08:39 dropbear[787]: Login attempt for nonexistent user from 116.10.191.173:20146
May 31 05:08:40 dropbear[787]: Exit before auth: Max auth tries reached - user 'is invalid' from 116.10.191.173:20146
May 31 05:08:40 dropbear[789]: Child connection from 116.10.191.173:23744
May 31 05:08:45 dropbear[789]: Login attempt for nonexistent user from 116.10.191.173:23744
May 31 05:08:45 dropbear[789]: Login attempt for nonexistent user from 116.10.191.173:23744
May 31 05:08:46 dropbear[789]: Login attempt for nonexistent user from 116.10.191.173:23744
May 31 05:08:46 dropbear[789]: Login attempt for nonexistent user from 116.10.191.173:23744
May 31 05:08:47 dropbear[789]: Login attempt for nonexistent user from 116.10.191.173:23744
May 31 05:08:47 kernel: br0: received packet on eth1 with own address as source address
May 31 05:08:48 dropbear[789]: Login attempt for nonexistent user from 116.10.191.173:23744
May 31 05:08:48 dropbear[789]: Login attempt for nonexistent user from 116.10.191.173:23744
May 31 05:08:49 dropbear[789]: Login attempt for nonexistent user from 116.10.191.173:23744
May 31 05:08:50 dropbear[789]: Login attempt for nonexistent user from 116.10.191.173:23744
May 31 05:08:50 dropbear[789]: Login attempt for nonexistent user from 116.10.191.173:23744
May 31 05:08:51 dropbear[789]: Login attempt for nonexistent user from 116.10.191.173:23744
May 31 05:08:51 dropbear[789]: Exit before auth: Max auth tries reached - user 'is invalid' from 116.10.191.173:23744
May 31 05:08:52 dropbear[790]: Child connection from 116.10.191.173:27670
May 31 05:08:54 dropbear[790]: Login attempt for nonexistent user from 116.10.191.173:27670
May 31 05:08:55 dropbear[790]: Login attempt for nonexistent user from 116.10.191.173:27670
May 31 05:08:55 dropbear[790]: Login attempt for nonexistent user from 116.10.191.173:27670
May 31 05:08:56 dropbear[790]: Login attempt for nonexistent user from 116.10.191.173:27670
May 31 05:08:56 dropbear[790]: Login attempt for nonexistent user from 116.10.191.173:27670
May 31 05:08:57 dropbear[790]: Login attempt for nonexistent user from 116.10.191.173:27670
May 31 05:08:58 dropbear[790]: Login attempt for nonexistent user from 116.10.191.173:27670
May 31 05:08:58 dropbear[790]: Login attempt for nonexistent user from 116.10.191.173:27670
May 31 05:09:02 dropbear[790]: Login attempt for nonexistent user from 116.10.191.173:27670
May 31 05:09:03 dropbear[790]: Login attempt for nonexistent user from 116.10.191.173:27670
May 31 05:09:04 dropbear[790]: Login attempt for nonexistent user from 116.10.191.173:27670
May 31 05:09:04 dropbear[790]: Exit before auth: Max auth tries reached - user 'is invalid' from 116.10.191.173:27670
May 31 05:09:05 dropbear[791]: Child connection from 116.10.191.173:31985
May 31 05:09:07 dropbear[791]: Login attempt for nonexistent user from 116.10.191.173:31985
May 31 05:09:08 dropbear[791]: Login attempt for nonexistent user from 116.10.191.173:31985
May 31 05:09:09 dropbear[791]: Login attempt for nonexistent user from 116.10.191.173:31985
May 31 05:09:10 dropbear[791]: Login attempt for nonexistent user from 116.10.191.173:31985
May 31 05:09:10 dropbear[791]: Login attempt for nonexistent user from 116.10.191.173:31985
May 31 05:09:11 dropbear[791]: Login attempt for nonexistent user from 116.10.191.173:31985
May 31 05:09:12 dropbear[791]: Login attempt for nonexistent user from 116.10.191.173:31985
May 31 05:09:12 dropbear[791]: Login attempt for nonexistent user from 116.10.191.173:31985
May 31 05:09:13 dropbear[791]: Login attempt for nonexistent user from 116.10.191.173:31985
May 31 05:09:14 dropbear[791]: Exit before auth: Error reading: Connection reset by peer
I was running Chinese iPhone app called iTools from my computer (Copying Music)
http://www.itools.cn/multi_lang_pc_download.htm
restarted the router + Closed the app and still getting these attacks
Tracked the IP's , they come from the same location in China
"31 May 2014
116.10.191.216
116.10.191.173
ISP: China Telecom Guangxi
Nanning, Guangxi (16), China
Lat: 22.8167
Lon: 108.3167"
Last edited: