(sshd) Failed SSH login from 51.68.196.163 (GB/United Kingdom/163.ip-51-68-196.eu): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jul 11 10:23:19 srv sshd[30163]: Invalid user talibanu from 51.68.196.163 port 34228
Jul 11 10:23:22 srv sshd[30163]: Failed password for invalid user talibanu from 51.68.196.163 port 34228 ssh2
Jul 11 10:40:05 srv sshd[30623]: Invalid user dhcp from 51.68.196.163 port 47106
Jul 11 10:40:08 srv sshd[30623]: Failed password for invalid user dhcp from 51.68.196.163 port 47106 ssh2
Jul 11 10:43:43 srv sshd[30687]: Invalid user asus from 51.68.196.163 port 39906

CMS (WordPress or Joomla) login attempt.

Jul 11 12:33:05 vpn01 sshd[5699]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=151.80.140.166
Jul 11 12:33:07 vpn01 sshd[5699]: Failed password for invalid user smith from 151.80.140.166 port 52688 ssh2
...

 TCP (SYN) 60.170.126.12:39167 -> port 23, len 44

1594439408 - 07/11/2020 05:50:08 Host: 42.114.162.15/42.114.162.15 Port: 445 TCP Blocked

TCP ports : 22 / 2211 / 7788 / 7997 / 8877 / 8899 / 9988 / 40022

 TCP (SYN) 180.242.181.219:27529 -> port 23, len 44

$f2bV_matches

firewall-block, port(s): 80/tcp

W 5701,/var/log/auth.log,-,-

Automated report (2020-07-11T12:20:47+08:00). Faked user agent detected.

35.186.173.231 - - [11/Jul/2020:10:54:42 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1910 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
35.186.173.231 - - [11/Jul/2020:10:54:43 +0100] "POST /wp/wp-login.php HTTP/1.1" 200 1900 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
35.186.173.231 - - [11/Jul/2020:10:54:44 +0100] "POST /wp/xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

SSH invalid-user multiple login try

$f2bV_matches

Brute-force attempt banned