Wedew 3 hari yang melelahkan  :cd setelah dapat attack terpaksa deh menutup port ssh, :hammer
for log file

=>MONGGO di simak  :cystg

Nov 15 23:00:00 unting newsyslog[6520]: logfile turned over due to size>100K
Nov 15 23:01:49 unting sshd[6541]: error: PAM: authentication error for root from 93.157.210.254
Nov 15 23:04:22 unting sshd[6544]: Did not receive identification string from 209.90.115.126
Nov 15 23:18:40 unting sshd[6569]: error: PAM: authentication error for root from 124.193.106.231
Nov 16 00:08:42 unting sshd[6687]: Address 190.1.159.185 maps to adsl-pool2-185.metrotel.net.co, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!

Nov 16 00:08:43 unting sshd[6687]: error: PAM: authentication error for root from 190.1.159.185
Nov 16 00:41:18 unting sshd[6779]: error: PAM: authentication error for root from 124.193.106.231
Nov 16 01:15:08 unting sshd[6872]: error: PAM: authentication error for root from 115-186-131-106.nayatel.pk
Nov 16 01:31:26 unting sshd[6900]: Address 190.1.159.185 maps to adsl-pool2-185.metrotel.net.co, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!
Nov 16 01:31:27 unting sshd[6900]: error: PAM: authentication error for root from 190.1.159.185
Nov 16 01:48:08 unting sshd[6940]: error: PAM: authentication error for root from 124.193.106.231
Nov 16 02:05:34 unting sshd[6996]: error: PAM: authentication error for root from 122.229.6.189
Nov 16 02:22:29 unting sshd[7036]: error: PAM: authentication error for root from 124.193.106.231
Nov 16 02:39:42 unting sshd[7066]: error: PAM: authentication error for root from 117.123.175.86
Nov 16 02:56:28 unting sshd[7107]: error: PAM: authentication error for root from informatika.brkk.hu
Nov 16 03:13:12 unting sshd[7442]: error: PAM: authentication error for root from 93.157.210.254
Nov 16 03:31:02 unting sshd[7470]: error: PAM: authentication error for root from 93.157.210.254
Nov 16 03:47:42 unting sshd[7517]: reverse mapping checking getaddrinfo for 166.129.109.202.dial.nc.jx.dynamic.163data.com.cn [202.109.129.166] failed – POSSIBLE BREAK-IN ATTEMPT!
Nov 16 03:47:43 unting sshd[7517]: error: PAM: authentication error for root from 202.109.129.166
Nov 16 04:04:56 unting sshd[7586]: Invalid user nagios from 183.62.134.34
Nov 16 04:04:59 unting sshd[7588]: error: PAM: authentication error for root from 115-186-131-75.nayatel.pk
Nov 16 04:04:59 unting sshd[7589]: Invalid user nagios from 183.62.134.34
Nov 16 04:05:09 unting sshd[7593]: Invalid user nagios from 183.62.134.34
Nov 16 04:05:11 unting sshd[7598]: Invalid user nagios from 183.62.134.34
Nov 16 04:05:14 unting sshd[7600]: Invalid user nagios from 183.62.134.34
Nov 16 04:05:17 unting sshd[7602]: Invalid user nagios from 183.62.134.34
Nov 16 04:05:20 unting sshd[7604]: Invalid user nagios from 183.62.134.34
Nov 16 04:05:22 unting sshd[7606]: Invalid user nagios from 183.62.134.34
Nov 16 04:05:58 unting sshd[7626]: Invalid user transfer from 183.62.134.34
Nov 16 04:06:00 unting sshd[7628]: Invalid user transfer from 183.62.134.34
Nov 16 04:06:03 unting sshd[7630]: Invalid user transfer from 183.62.134.34
Nov 16 04:06:06 unting sshd[7632]: Invalid user transfer from 183.62.134.34
Nov 16 04:06:17 unting sshd[7640]: Invalid user oracle from 183.62.134.34
Nov 16 04:06:20 unting sshd[7642]: Invalid user oracle from 183.62.134.34
Nov 16 04:06:23 unting sshd[7644]: Invalid user oracle from 183.62.134.34
Nov 16 04:06:26 unting sshd[7646]: Invalid user oracle from 183.62.134.34
Nov 16 04:06:29 unting sshd[7648]: Invalid user oracle from 183.62.134.34
Nov 16 04:06:32 unting sshd[7650]: Invalid user oracle from 183.62.134.34
Nov 16 04:06:34 unting sshd[7652]: Invalid user user from 183.62.134.34
Nov 16 04:06:37 unting sshd[7654]: Invalid user user from 183.62.134.34
Nov 16 04:06:40 unting sshd[7656]: Invalid user user from 183.62.134.34
Nov 16 04:06:43 unting sshd[7658]: Invalid user user from 183.62.134.34
Nov 16 04:06:48 unting sshd[7660]: Invalid user user from 183.62.134.34
Nov 16 04:06:51 unting sshd[7662]: Invalid user user from 183.62.134.34
Nov 16 04:07:10 unting sshd[7676]: Invalid user ftpguest from 183.62.134.34
Nov 16 04:07:13 unting sshd[7678]: Invalid user ftpguest from 183.62.134.34
Nov 16 04:07:16 unting sshd[7680]: Invalid user ftpguest from 183.62.134.34
Nov 16 04:07:18 unting sshd[7682]: Invalid user ftpguest from 183.62.134.34
Nov 16 04:07:21 unting sshd[7684]: Invalid user student from 183.62.134.34
Nov 16 04:07:24 unting sshd[7686]: Invalid user student from 183.62.134.34
Nov 16 04:07:26 unting sshd[7688]: Invalid user student from 183.62.134.34
Nov 16 04:07:29 unting sshd[7690]: Invalid user student from 183.62.134.34
Nov 16 04:07:32 unting sshd[7692]: Invalid user student from 183.62.134.34
Nov 16 04:09:03 unting sshd[7759]: Invalid user teamspeam from 183.62.134.34
Nov 16 04:09:06 unting sshd[7762]: Invalid user ts from 183.62.134.34
Nov 16 04:09:09 unting sshd[7764]: Invalid user ts3 from 183.62.134.34
Nov 16 04:22:09 unting sshd[7790]: error: PAM: authentication error for root from 122.229.6.189
Nov 16 04:39:52 unting sshd[7833]: error: PAM: authentication error for root from 122.229.6.189
Nov 16 04:56:32 unting sshd[7874]: error: PAM: authentication error for root from 95.155.122.12
Nov 16 05:15:09 unting sshd[7932]: error: PAM: authentication error for root from 95.155.122.12
Nov 16 05:50:51 unting sshd[8011]: reverse mapping checking getaddrinfo for 166.129.109.202.dial.nc.jx.dynamic.163data.com.cn [202.109.129.166] failed – POSSIBLE BREAK-IN ATTEMPT!
Nov 16 05:50:51 unting sshd[8011]: error: PAM: authentication error for root from 202.109.129.166
Nov 16 06:08:32 unting sshd[8061]: error: PAM: authentication error for root from informatika.brkk.hu
Nov 16 06:26:47 unting sshd[8104]: error: PAM: authentication error for root from 222.107.61.161
Nov 16 06:43:55 unting sshd[8131]: error: PAM: authentication error for root from 190.144.81.234
Nov 16 07:02:13 unting sshd[8197]: error: PAM: authentication error for root from 122.229.6.189
Nov 16 07:19:44 unting sshd[8224]: error: PAM: authentication error for root from 187.53.57.247
Nov 16 07:53:25 unting sshd[8289]: error: PAM: authentication error for root from 95.155.122.12
Nov 16 08:11:22 unting sshd[8357]: Address 190.2.3.85 maps to customer-static-2-3-85.iplannetworks.net, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!
Nov 16 08:11:23 unting sshd[8357]: error: PAM: authentication error for root from 190.2.3.85
Nov 16 08:29:01 unting sshd[8382]: error: PAM: authentication error for root from 95.155.122.12
Nov 16 08:47:02 unting sshd[8425]: error: PAM: authentication error for root from 122.229.6.189
Nov 16 09:04:45 unting sshd[8475]: error: PAM: authentication error for root from 95.155.122.12
Nov 16 09:22:25 unting sshd[8518]: error: PAM: authentication error for root from 190.144.81.234
Nov 16 09:40:18 unting sshd[8548]: error: PAM: authentication error for root from 190.144.81.234
Nov 16 09:57:39 unting sshd[8586]: error: PAM: authentication error for root from 115-186-131-75.nayatel.pk
Nov 16 10:15:17 unting sshd[8641]: error: PAM: authentication error for root from 93.157.210.254
Nov 16 10:50:27 unting sshd[8708]: error: PAM: authentication error for root from 208.124.238.246
Nov 16 11:07:38 unting sshd[8758]: Address 190.29.2.204 maps to static-adsl190-29-2-204.une.net.co, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!
Nov 16 11:07:39 unting sshd[8758]: error: PAM: authentication error for root from 190.29.2.204
Nov 16 11:27:03 unting sshd[8801]: error: PAM: authentication error for root from 122.229.6.189
Nov 16 11:43:45 unting sshd[8828]: error: PAM: authentication error for root from 117.123.175.86
Nov 16 12:19:20 unting sshd[8920]: Address 190.2.3.85 maps to customer-static-2-3-85.iplannetworks.net, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!
Nov 16 12:19:21 unting sshd[8920]: error: PAM: authentication error for root from 190.2.3.85
Nov 16 12:37:39 unting sshd[8961]: error: PAM: authentication error for root from 222.107.61.161
Nov 16 12:55:53 unting sshd[9004]: error: PAM: authentication error for root from 93.157.210.254
Nov 16 13:13:45 unting sshd[9056]: error: PAM: authentication error for root from 190.144.1.98
Nov 16 13:30:58 unting sshd[9084]: error: PAM: authentication error for root from 190.144.81.234
Nov 16 13:48:49 unting sshd[9124]: error: PAM: authentication error for root from 122.229.6.189
Nov 16 14:20:03 unting sshd[9198]: error: PAM: authentication error for root from find-bg.com
Nov 16 14:24:52 unting sshd[9217]: error: PAM: authentication error for root from 117.123.175.86
Nov 16 14:42:22 unting sshd[9247]: error: PAM: authentication error for root from 190.144.1.98
Nov 16 15:00:51 unting sshd[9314]: error: PAM: authentication error for root from 208.124.238.246
Nov 16 15:18:54 unting sshd[9341]: error: PAM: authentication error for root from 222.107.61.161
Nov 16 15:36:15 unting sshd[9382]: error: PAM: authentication error for root from 115-186-131-106.nayatel.pk
Nov 16 15:54:45 unting sshd[9409]: error: PAM: authentication error for root from 208.124.238.246
Nov 16 16:04:53 unting su: unting to root on /dev/ttyp0
Nov 16 16:12:45 unting sshd[9487]: error: PAM: authentication error for root from 115-186-131-75.nayatel.pk
Nov 16 16:30:28 unting sshd[9518]: error: PAM: authentication error for root from 95.155.122.12
Nov 16 16:48:37 unting sshd[9558]: error: PAM: authentication error for root from 122.229.6.189
Nov 16 17:06:30 unting sshd[9611]: error: PAM: authentication error for root from informatika.brkk.hu
Nov 16 17:41:13 unting sshd[9680]: error: PAM: authentication error for root from 95.155.122.12
Nov 16 17:59:31 unting sshd[9719]: Address 190.29.2.204 maps to static-adsl190-29-2-204.une.net.co, but this does not map back to the address – POSSIBLE BREAK-IN ATTEMPT!
Nov 16 17:59:31 unting sshd[9719]: error: PAM: authentication error for root from 190.29.2.204
Nov 16 18:18:00 unting sshd[9774]: error: PAM: authentication error for root from 122.229.6.189
Nov 16 18:35:05 unting sshd[9815]: error: PAM: authentication error for root from 95.155.122.12
Nov 16 18:52:30 unting sshd[9843]: error: PAM: authentication error for root from 93.157.210.254
Nov 16 19:27:56 unting sshd[9933]: Accepted keyboard-interactive/pam for unting from 192.168.0.200 port 1957 ssh2
Nov 16 19:28:01 unting su: unting to root on /dev/ttyp0
Nov 16 19:29:05 unting sshd[9943]: error: PAM: authentication error for root from 208.124.238.246
Nov 16 19:46:46 unting sshd[9986]: error: PAM: authentication error for root from 124.193.106.231
Nov 16 19:48:57 unting sshd[9989]: Did not receive identification string from 180.149.62.227
Nov 16 19:52:33 unting sshd[9995]: Invalid user fluffy from 180.149.62.227
Nov 16 20:05:24 unting sshd[10048]: error: PAM: authentication error for root from adsl-70-247-71-201.dsl.hrlntx.swbell.net
Nov 16 20:40:43 unting sshd[10115]: error: PAM: authentication error for root from 212.174.45.37
Nov 16 20:57:58 unting sshd[10154]: error: PAM: authentication error for root from 190.144.81.234
Nov 16 21:01:12 unting sshd[10185]: Accepted keyboard-interactive/pam for unting from 192.168.0.200 port 3297 ssh2
Nov 16 21:01:18 unting su: unting to root on /dev/ttyp1
Nov 16 21:15:10 unting sshd[10226]: error: PAM: authentication error for root from 187.53.57.247
Nov 16 21:16:00 unting login: 2 LOGIN FAILURES ON ttyv1
Nov 16 21:16:00 unting login: 2 LOGIN FAILURES ON ttyv1, a
Nov 16 21:16:16 unting login: 2 LOGIN FAILURES ON ttyv1
Nov 16 21:16:57 unting login: 2 LOGIN FAILURES ON ttyv1
Nov 16 21:16:57 unting login: 2 LOGIN FAILURES ON ttyv1, exit
Nov 16 21:17:03 unting login: login on ttyv1 as root
Nov 16 21:17:03 unting login: ROOT LOGIN (root) ON ttyv1
Nov 16 21:32:43 unting sshd[896]: error: PAM: authentication error for root from 95.155.122.12
Nov 16 21:38:41 unting su: unting to root on /dev/ttyp1
Nov 16 21:50:35 unting sshd[976]: error: PAM: authentication error for root from 115-186-131-75.nayatel.pk
Nov 16 21:51:50 unting sshd[979]: reverse mapping checking getaddrinfo for 93.subnet125-164-232.speedy.telkom.net.id [125.164.232.93] failed – POSSIBLE BREAK-IN ATTEMPT!
Nov 16 21:52:03 unting sshd[979]: Accepted keyboard-interactive/pam for unting from 125.164.232.93 port 49531 ssh2
Nov 16 22:08:10 unting sshd[1058]: error: PAM: authentication error for root from 190.144.81.234
Nov 16 22:26:13 unting sshd[1104]: error: PAM: authentication error for root from 95.155.122.12
Nov 16 23:00:37 unting sshd[1214]: error: PAM: authentication error for root from 95.155.122.12
Nov 16 23:18:55 unting sshd[1309]: error: PAM: authentication error for root from 122.229.6.189
Nov 16 23:36:02 unting sshd[1352]: error: PAM: authentication error for root from 201.227.239.11
Nov 16 23:53:17 unting sshd[1380]: error: PAM: authentication error for root from 180.168.5.184
Nov 17 00:10:03 unting sshd[1439]: error: PAM: authentication error for root from 124.193.106.231
Nov 17 00:27:35 unting sshd[1477]: error: PAM: authentication error for root from 122.229.6.189
Nov 17 00:45:15 unting sshd[1523]: error: PAM: authentication error for root from dsl-202-173-145-182.qld.westnet.com.au
Nov 17 01:02:52 unting sshd[1578]: error: PAM: authentication error for root from 122.229.6.189
Nov 17 01:21:31 unting sshd[1606]: reverse mapping checking getaddrinfo for 166.129.109.202.dial.nc.jx.dynamic.163data.com.cn [202.109.129.166] failed – POSSIBLE BREAK-IN ATTEMPT!
Nov 17 01:21:31 unting sshd[1606]: error: PAM: authentication error for root from 202.109.129.166
Nov 17 01:40:21 unting sshd[1652]: error: PAM: authentication error for root from 187.53.57.247
Nov 17 02:16:02 unting sshd[1745]: error: PAM: authentication error for root from 187.53.57.247
Nov 17 02:20:44 unting sshd[1751]: Did not receive identification string from 114.80.166.224
Nov 17 02:34:31 unting sshd[1789]: error: PAM: authentication error for root from 124.193.106.231
Nov 17 03:11:05 unting sshd[2170]: error: PAM: authentication error for root from 222.107.61.161
Nov 17 03:29:46 unting sshd[2195]: error: PAM: authentication error for root from 115-186-131-106.nayatel.pk
Nov 17 03:48:15 unting sshd[2243]: reverse mapping checking getaddrinfo for 166.129.109.202.dial.nc.jx.dynamic.163data.com.cn [202.109.129.166] failed – POSSIBLE BREAK-IN ATTEMPT!
Nov 17 03:48:16 unting sshd[2243]: error: PAM: authentication error for root from 202.109.129.166
Nov 17 04:08:08 unting sshd[2301]: error: PAM: authentication error for root from 117.123.175.86
Nov 17 04:22:38 unting su: BAD SU unting to root on /dev/ttyp1
Nov 17 04:22:53 unting su: BAD SU unting to root on /dev/ttyp1
Nov 17 04:23:03 unting su: unting to root on /dev/ttyp1
Nov 17 04:27:33 unting sshd[2355]: error: PAM: authentication error for root from 115-186-131-75.nayatel.pk
Nov 17 15:03:00 unting login: login on ttyv0 as root
Nov 17 15:03:00 unting login: ROOT LOGIN (root) ON ttyv0

:toast :cendol