Jan  3 07:55:36 MK-Soft-VM4 sshd[29690]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.99.217.194 
Jan  3 07:55:38 MK-Soft-VM4 sshd[29690]: Failed password for invalid user wor from 167.99.217.194 port 35286 ssh2
...

\[2020-01-03 03:02:27\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-03T03:02:27.630-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="011972592277524",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.28.57/54219",ACLName="no_extension_match"
\[2020-01-03 03:05:21\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-03T03:05:21.829-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="011972595725636",SessionID="0x7f0fb4a5a908",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.28.57/49636",ACLName="no_extension_match"
\[2020-01-03 03:11:26\] SECURITY\[2857\] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-01-03T03:11:26.821-0500",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011972592277524",SessionID="0x7f0fb4812b98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/62.210.28.57/59220",ACLName="no_exten

Telnet/23 MH Probe, BF, Hack -

www.xn--netzfundstckderwoche-yec.de 164.160.91.23 [03/Jan/2020:05:48:12 +0100] "POST /wp-login.php HTTP/1.1" 200 6301 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
www.xn--netzfundstckderwoche-yec.de 164.160.91.23 [03/Jan/2020:05:48:13 +0100] "POST /xmlrpc.php HTTP/1.1" 200 4062 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"

Jan  3 05:42:45 dev0-dcde-rnet sshd[14531]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.231.81.222
Jan  3 05:42:47 dev0-dcde-rnet sshd[14531]: Failed password for invalid user vps from 89.231.81.222 port 53224 ssh2
Jan  3 05:48:23 dev0-dcde-rnet sshd[14678]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.231.81.222

...

Jan  3 09:30:13 [host] sshd[24708]: Invalid user bsmith from 106.54.106.194
Jan  3 09:30:13 [host] sshd[24708]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.54.106.194
Jan  3 09:30:15 [host] sshd[24708]: Failed password for invalid user bsmith from 106.54.106.194 port 50408 ssh2

Invalid user Esko from 51.158.103.85 port 51840

Automatic report - Port Scan Attack

Jan  3 09:27:43 debian-2gb-nbg1-2 kernel: \[299390.695520\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=45.136.108.116 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=245 ID=44511 PROTO=TCP SPT=51062 DPT=3489 WINDOW=1024 RES=0x00 SYN URGP=0

Jan  3 05:48:25 grey postfix/smtpd\[15720\]: NOQUEUE: reject: RCPT from unknown\[113.167.143.44\]: 554 5.7.1 Service unavailable\; Client host \[113.167.143.44\] blocked using dul.dnsbl.sorbs.net\; Dynamic IP Addresses See: http://www.sorbs.net/lookup.shtml\?113.167.143.44\; from=\ to=\ proto=ESMTP helo=\
...

Jan  3 09:20:56 vps691689 sshd[24874]: Failed password for root from 49.88.112.116 port 58033 ssh2
Jan  3 09:21:53 vps691689 sshd[24879]: Failed password for root from 49.88.112.116 port 53675 ssh2
...

Brute force SMTP login attempts.

Jan  3 06:05:41 haigwepa sshd[18843]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.254.141.18 
Jan  3 06:05:43 haigwepa sshd[18843]: Failed password for invalid user musikbot from 51.254.141.18 port 42556 ssh2
...

Jan  3 05:17:58 game-panel sshd[28331]: Failed password for root from 112.85.42.94 port 48982 ssh2
Jan  3 05:18:00 game-panel sshd[28331]: Failed password for root from 112.85.42.94 port 48982 ssh2
Jan  3 05:18:02 game-panel sshd[28331]: Failed password for root from 112.85.42.94 port 48982 ssh2