2020-07-20T09:57:43.256830vps1033 sshd[19768]: Invalid user Administrator from 122.114.11.101 port 33173
2020-07-20T09:57:43.259501vps1033 sshd[19768]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.114.11.101
2020-07-20T09:57:43.256830vps1033 sshd[19768]: Invalid user Administrator from 122.114.11.101 port 33173
2020-07-20T09:57:45.521900vps1033 sshd[19768]: Failed password for invalid user Administrator from 122.114.11.101 port 33173 ssh2
2020-07-20T10:01:37.602118vps1033 sshd[28040]: Invalid user sha from 122.114.11.101 port 57249
...

Jul 20 05:31:04 hostnameghostname sshd[25508]: Invalid user lk from 106.13.166.122
Jul 20 05:31:06 hostnameghostname sshd[25508]: Failed password for invalid user lk from 106.13.166.122 port 59048 ssh2
Jul 20 05:32:54 hostnameghostname sshd[25818]: Invalid user adv from 106.13.166.122
Jul 20 05:32:57 hostnameghostname sshd[25818]: Failed password for invalid user adv from 106.13.166.122 port 51122 ssh2
Jul 20 05:34:19 hostnameghostname sshd[26093]: Invalid user family from 106.13.166.122
Jul 20 05:34:22 hostnameghostname sshd[26093]: Failed password for invalid user family from 106.13.166.122 port 38266 ssh2
Jul 20 05:35:36 hostnameghostname sshd[26327]: Invalid user postgres from 106.13.166.122
Jul 20 05:35:39 hostnameghostname sshd[26327]: Failed password for invalid user postgres from 106.13.166.122 port 53636 ssh2
Jul 20 05:36:53 hostnameghostname sshd[26566]: Invalid user wsk from 106.13.166.122
Jul 20 05:36:54 hostnameghostname sshd[26566]: Failed password for inva........
------------------------------

Fail2Ban - SSH Bruteforce Attempt

" "

firewall-block, port(s): 23/tcp

Jul 20 12:47:00 eventyay sshd[31785]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.31.34
Jul 20 12:47:02 eventyay sshd[31785]: Failed password for invalid user xinpeng from 150.136.31.34 port 45704 ssh2
Jul 20 12:50:59 eventyay sshd[31955]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.136.31.34
...

2020-07-20T10:54:11.711502shield sshd\[27611\]: Invalid user qsb from 51.79.145.158 port 34920
2020-07-20T10:54:11.721007shield sshd\[27611\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-e4a844d8.vps.ovh.ca
2020-07-20T10:54:13.777952shield sshd\[27611\]: Failed password for invalid user qsb from 51.79.145.158 port 34920 ssh2
2020-07-20T10:58:33.880991shield sshd\[28979\]: Invalid user one from 51.79.145.158 port 48960
2020-07-20T10:58:33.889714shield sshd\[28979\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=vps-e4a844d8.vps.ovh.ca

Failed password for invalid user lyx from 86.61.66.59 port 39345 ssh2

Automatic report - Port Scan Attack

Jul 20 13:26:49 db sshd[24443]: Invalid user admin from 142.93.212.91 port 55586
...

[2020-07-20 07:40:06] NOTICE[1277] chan_sip.c: Registration from '"1007" ' failed for '103.145.12.209:5614' - Wrong password
[2020-07-20 07:40:06] SECURITY[1295] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-07-20T07:40:06.818-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1007",SessionID="0x7f1754188e58",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/103.145.12.209/5614",Challenge="2c487982",ReceivedChallenge="2c487982",ReceivedHash="9e38023216166b52ba8ae3268a751515"
[2020-07-20 07:40:06] NOTICE[1277] chan_sip.c: Registration from '"1007" ' failed for '103.145.12.209:5614' - Wrong password
[2020-07-20 07:40:06] SECURITY[1295] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-07-20T07:40:06.934-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="1007",SessionID="0x7f17541b8598",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP
...

Jul 20 11:18:06 l02a sshd[21269]: Invalid user tominaga from 159.65.130.78
Jul 20 11:18:06 l02a sshd[21269]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=muellers.do1.sogency.com 
Jul 20 11:18:06 l02a sshd[21269]: Invalid user tominaga from 159.65.130.78
Jul 20 11:18:09 l02a sshd[21269]: Failed password for invalid user tominaga from 159.65.130.78 port 44112 ssh2

srv02 Mass scanning activity detected Target: 22296  ..

(sshd) Failed SSH login from 176.122.166.102 (US/United States/-): 5 in the last 3600 secs

CMS (WordPress or Joomla) login attempt.