Hackers?

Here are the relevant parts of my log files:

Yesterday:

sshd:
Authentication Failures:
unknown (c-24-218-44-187.hsd1.ma.comcast.net): 1839 Time(s)
root (c-24-218-44-187.hsd1.ma.comcast.net): 845 Time(s)
61.139.30.62 (1): 75 Time(s)
root (61.139.30.62): 75 Time(s)
rpc (c-24-218-44-187.hsd1.ma.comcast.net): 59 Time(s)
root (61.172.246.73): 40 Time(s)
mysql (c-24-218-44-187.hsd1.ma.comcast.net): 36 Time(s)
rpcuser (c-24-218-44-187.hsd1.ma.comcast.net): 33 Time(s)
operator (c-24-218-44-187.hsd1.ma.comcast.net): 32 Time(s)
john (c-24-218-44-187.hsd1.ma.comcast.net): 28 Time(s)
mailman (c-24-218-44-187.hsd1.ma.comcast.net): 20 Time(s)
nscd (c-24-218-44-187.hsd1.ma.comcast.net): 20 Time(s)
dbus (c-24-218-44-187.hsd1.ma.comcast.net): 18 Time(s)
nfsnobody (c-24-218-44-187.hsd1.ma.comcast.net): 18 Time(s)
ntp (c-24-218-44-187.hsd1.ma.comcast.net): 18 Time(s)
pcap (c-24-218-44-187.hsd1.ma.comcast.net): 18 Time(s)
rpm (c-24-218-44-187.hsd1.ma.comcast.net): 18 Time(s)
smmsp (c-24-218-44-187.hsd1.ma.comcast.net): 18 Time(s)
vcsa (c-24-218-44-187.hsd1.ma.comcast.net): 18 Time(s)
sshd (c-24-218-44-187.hsd1.ma.comcast.net): 16 Time(s)
adm (c-24-218-44-187.hsd1.ma.comcast.net): 12 Time(s)
unknown (1): 5 Time(s)
unknown (61.139.30.62): 5 Time(s)
bin (c-24-218-44-187.hsd1.ma.comcast.net): 4 Time(s)
daemon (c-24-218-44-187.hsd1.ma.comcast.net): 4 Time(s)
ftp (c-24-218-44-187.hsd1.ma.comcast.net): 4 Time(s)
games (c-24-218-44-187.hsd1.ma.comcast.net): 4 Time(s)
gopher (c-24-218-44-187.hsd1.ma.comcast.net): 4 Time(s)
mail (c-24-218-44-187.hsd1.ma.comcast.net): 4 Time(s)
mailnull (c-24-218-44-187.hsd1.ma.comcast.net): 4 Time(s)
named (c-24-218-44-187.hsd1.ma.comcast.net): 4 Time(s)
news (c-24-218-44-187.hsd1.ma.comcast.net): 4 Time(s)
nobody (c-24-218-44-187.hsd1.ma.comcast.net): 4 Time(s)
adam (c-24-218-44-187.hsd1.ma.comcast.net): 2 Time(s)
andreas (c-24-218-44-187.hsd1.ma.comcast.net): 2 Time(s)
andrew (c-24-218-44-187.hsd1.ma.comcast.net): 2 Time(s)
erik (c-24-218-44-187.hsd1.ma.comcast.net): 2 Time(s)
tomcat (c-24-218-44-187.hsd1.ma.comcast.net): 2 Time(s)
uucp (c-24-218-44-187.hsd1.ma.comcast.net): 2 Time(s)
web (c-24-218-44-187.hsd1.ma.comcast.net): 2 Time(s)
brian (c-24-218-44-187.hsd1.ma.comcast.net): 1 Time(s)
Invalid Users:
Unknown Account: 1849 Time(s)


About a week ago maybe:

**Unmatched Entries**
Invalid user miha from ::ffff:213.189.237.98
Invalid user miha from ::ffff:213.189.237.98
Invalid user miha from ::ffff:213.189.237.98
Invalid user miha from ::ffff:213.189.237.98
Failed password for invalid user miha from ::ffff:213.189.237.98 port 50490 ssh2
Failed password for invalid user miha from ::ffff:213.189.237.98 port 50491 ssh2
Invalid user miha from ::ffff:213.189.237.98
Failed password for invalid user miha from ::ffff:213.189.237.98 port 50497 ssh2
Failed password for invalid user miha from ::ffff:213.189.237.98 port 50513 ssh2
Failed password for invalid user miha from ::ffff:213.189.237.98 port 50524 ssh2
Invalid user miha from ::ffff:213.189.237.98
Invalid user miha from ::ffff:213.189.237.98
Invalid user miha from ::ffff:213.189.237.98
Invalid user miha from ::ffff:213.189.237.98
Invalid user miha from ::ffff:213.189.237.98
Failed password for invalid user miha from ::ffff:213.189.237.98 port 50609 ssh2
Failed password for invalid user miha from ::ffff:213.189.237.98 port 50626 ssh2
Failed password for invalid user miha from ::ffff:213.189.237.98 port 50623 ssh2
Failed password for invalid user miha from ::ffff:213.189.237.98 port 50627 ssh2
Failed password for invalid user miha from ::ffff:213.189.237.98 port 50660 ssh2
Invalid user simon from ::ffff:213.189.237.98
Invalid user simon from ::ffff:213.189.237.98
Failed password for invalid user simon from ::ffff:213.189.237.98 port 50986 ssh2
Failed password for invalid user simon from ::ffff:213.189.237.98 port 50969 ssh2
Invalid user simon from ::ffff:213.189.237.98
Failed password for invalid user simon from ::ffff:213.189.237.98 port 51078 ssh2
Invalid user simon from ::ffff:213.189.237.98
Failed password for invalid user simon from ::ffff:213.189.237.98 port 51090 ssh2
Invalid user andrej from ::ffff:213.189.237.98
Failed password for invalid user andrej from ::ffff:213.189.237.98 port 51399 ssh2
Invalid user andrej from ::ffff:213.189.237.98
Failed password for invalid user andrej from ::ffff:213.189.237.98 port 51433 ssh2

I have chatted online with Comcast and they told me to email their abuse team, which I did. However, the auto-reply said I needed to include the following details:

Network Abuse Submission Guidelines

1. Provide a brief, general description of the network abuse incident.

2. Include all logs or information relevant to the incident, ensure the logs
you're submitting contain:
a. Date of incident
b. Time of incident and time zone
c. Source Internet protocol (IP) address or host name
d. Destination IP address or host name
e. Destination port


Where/how do I get all of these details?

I have the APF firewall installed but I had to disable it as I haven't configured it properly yet. All suggestions on what I should do about this matter are greatly appreciated - thanks.
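
Added example (not part of the original post): the logwatch summaries above drop the timestamps, so the fields in the abuse guidelines have to come from the raw sshd lines in the system auth log (commonly /var/log/secure or /var/log/auth.log; which one this server uses is an assumption). The sketch below parses constructed sample lines in that format; the year, time zone, destination address 203.0.113.10 and port 22 are placeholder assumptions that the server's owner fills in, since syslog lines do not record them.

```python
import re
from collections import Counter
from datetime import datetime

# Constructed sample in classic syslog format. Timestamps, host name, PIDs, the
# 41822 port and the "alice" line are made up; the messages mirror the post.
SAMPLE_LOG = """\
Mar  5 03:14:07 myhost sshd[4101]: Invalid user miha from ::ffff:213.189.237.98
Mar  5 03:14:09 myhost sshd[4101]: Failed password for invalid user miha from ::ffff:213.189.237.98 port 50490 ssh2
Mar  5 03:14:12 myhost sshd[4105]: Failed password for invalid user simon from ::ffff:213.189.237.98 port 50986 ssh2
Mar  5 04:02:51 myhost sshd[4188]: Failed password for root from 61.139.30.62 port 41822 ssh2
Mar  5 04:10:00 myhost sshd[4190]: Accepted password for alice from 192.0.2.7 port 50000 ssh2
"""

# Only "Failed password" lines carry the source port; "::ffff:" is the
# IPv4-mapped IPv6 prefix and is stripped so the plain IPv4 address is reported.
FAILED = re.compile(
    r"^(?P<ts>\w{3}\s+\d+ \d\d:\d\d:\d\d) \S+ sshd\[\d+\]: "
    r"Failed password for (?:invalid user )?(?P<user>\S+) "
    r"from (?:::ffff:)?(?P<src>\S+) port (?P<sport>\d+)"
)

def abuse_records(log_text, year, tz, dest_ip, dest_port=22):
    """Turn failed-login lines into the fields the abuse desk asks for.

    Syslog lines carry neither year nor time zone, and never the destination,
    so the caller supplies them (dest_port=22 assumes sshd's default port).
    """
    records = []
    for line in log_text.splitlines():
        m = FAILED.match(line)
        if m is None:
            continue  # skips "Invalid user", "Accepted" and non-sshd lines
        when = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
        records.append({
            "date": when.strftime("%Y-%m-%d"), "time": when.strftime("%H:%M:%S"),
            "tz": tz, "src": m["src"], "src_port": int(m["sport"]),
            "dest": dest_ip, "dest_port": dest_port, "user": m["user"],
        })
    return records

def attempts_per_source(records):
    """Count attempts per source address, for the brief incident description."""
    return Counter(r["src"] for r in records)

if __name__ == "__main__":
    recs = abuse_records(SAMPLE_LOG, 2024, "UTC-05:00", "203.0.113.10")
    for r in recs:
        print("{date} {time} {tz} {src}:{src_port} -> {dest}:{dest_port} user={user}".format(**r))
    print(dict(attempts_per_source(recs)))
```

Run against the real log, the per-source counts give the one-line incident description and the printed records are the log excerpt to attach, filtered to the source address that belongs to the provider being contacted.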
