Jun  5 21:18:06 debian-2gb-nbg1-2 kernel: \[13643438.920290\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=195.54.160.107 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=14733 PROTO=TCP SPT=8080 DPT=4086 WINDOW=1024 RES=0x00 SYN URGP=0

Jun  5 18:18:40 game-panel sshd[28553]: Failed password for root from 152.250.252.179 port 37934 ssh2
Jun  5 18:22:14 game-panel sshd[28751]: Failed password for root from 152.250.252.179 port 33524 ssh2

Unauthorized connection attempt detected from IP address 185.56.80.46 to port 8089

(sshd) Failed SSH login from 203.162.13.68 (VN/Vietnam/static.vnpt.vn): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun  5 16:44:46 ubnt-55d23 sshd[3956]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=203.162.13.68  user=root
Jun  5 16:44:48 ubnt-55d23 sshd[3956]: Failed password for root from 203.162.13.68 port 43160 ssh2

Jun  5 21:20:53 server dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.234.219.224, lip=172.104.140.148, session=
Jun  5 21:22:02 server dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.234.219.224, lip=172.104.140.148, session=
Jun  5 21:22:09 server dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 6 secs): user=, method=PLAIN, rip=185.234.219.224, lip=172.104.140.148, session=
Jun  5 21:24:29 server dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.234.219.224, lip=172.104.140.148, session=<7xGlNVunjMC56tvg>
Jun  5 21:26:15 server dovecot: pop3-login: Aborted login (auth failed, 1 attempts in 2 secs): user=, method=PLAIN, rip=185.234.219.224, lip=1
...

Bruteforce detected by fail2ban

5x Failed Password

Jun  5 15:00:09 master sshd[2516]: Failed password for root from 186.33.216.36 port 58408 ssh2
Jun  5 15:06:50 master sshd[2523]: Failed password for root from 186.33.216.36 port 38836 ssh2
Jun  5 15:09:44 master sshd[2562]: Failed password for root from 186.33.216.36 port 58735 ssh2
Jun  5 15:12:34 master sshd[2599]: Failed password for root from 186.33.216.36 port 50402 ssh2
Jun  5 15:15:15 master sshd[2640]: Failed password for root from 186.33.216.36 port 42068 ssh2
Jun  5 15:17:59 master sshd[2647]: Failed password for root from 186.33.216.36 port 33734 ssh2
Jun  5 15:20:39 master sshd[2684]: Failed password for root from 186.33.216.36 port 53633 ssh2
Jun  5 15:23:29 master sshd[2686]: Failed password for root from 186.33.216.36 port 45300 ssh2
Jun  5 15:26:12 master sshd[2688]: Failed password for root from 186.33.216.36 port 36966 ssh2
Jun  5 15:29:03 master sshd[2692]: Failed password for root from 186.33.216.36 port 56865 ssh2

Jun  5 21:57:41 localhost sshd[361436]: Unable to negotiate with 60.191.20.213 port 45534: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth]
...

Hits on port : 9030

Jun  5 19:15:02 localhost sshd[2769]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.238.159  user=root
Jun  5 19:15:04 localhost sshd[2769]: Failed password for root from 167.172.238.159 port 57368 ssh2
Jun  5 19:19:04 localhost sshd[3275]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.238.159  user=root
Jun  5 19:19:07 localhost sshd[3275]: Failed password for root from 167.172.238.159 port 60032 ssh2
Jun  5 19:22:54 localhost sshd[3718]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=167.172.238.159  user=root
Jun  5 19:22:55 localhost sshd[3718]: Failed password for root from 167.172.238.159 port 34466 ssh2
...

Jun  5 15:14:24 PorscheCustomer sshd[29102]: Failed password for root from 157.230.47.241 port 49590 ssh2
Jun  5 15:17:09 PorscheCustomer sshd[29212]: Failed password for root from 157.230.47.241 port 33014 ssh2
...

firewall-block, port(s): 2000/tcp

Jun  5 13:30:28 game-panel sshd[16021]: Failed password for root from 106.52.137.134 port 50128 ssh2
Jun  5 13:35:01 game-panel sshd[16168]: Failed password for root from 106.52.137.134 port 43558 ssh2

$f2bV_matches