Yikes. This IP attempted to hit my server 1880233 times (yes, that's
nearly TWO MILLION ssh attempts) over the past couple of days. First
blocked in the firewall at Jan 5 01:42:33 for an ssh attempt with
invalid user ROOT, but kept right on trying. Logs are submitting now.
-s
[shaun@shaunc ~]$ whois -h
whois.lacnic.net 177.69.238.15
% Joint Whois -
whois.lacnic.net
% This server accepts single ASN, IPv4 or IPv6 queries
% Brazilian resource:
whois.registro.br
% Copyright (c) Nic.br
% The use of the data below is only permitted as described in
% full by the terms of use (
http://registro.br/termo/en.html),
% being prohibited its distribution, comercialization or
% reproduction, in particular, to use it for advertising or
% any similar purpose.
% 2013-01-06 19:26:29 (BRST -02:00)
inetnum: 177.69/16
aut-num: AS16735
abuse-c: CST87
owner: COMPANHIA DE TELECOMUNICACOES DO BRASIL CENTRAL
ownerid: 071.208.516/0001-74
responsible: Cristiano Azevedo Vinaud
country: BR
owner-c: CCRDO
tech-c: CNI15
inetrev: 177.69.128/17
nserver:
nspar.ctbc.com.br
nsstat: 20130105 AA
nslastaa: 20130105
nserver:
nssar.ctbc.com.br
nsstat: 20130105 AA
nslastaa: 20130105
created: 20110621
changed: 20110629
nic-hdl-br: CCRDO
person: CTBC - Contratos e Registro de Domínios
e-mail:
secu...@ctbc.com.br
created: 20070606
changed: 20121025
nic-hdl-br: CNI15
person: CTBC - Núcleo de Aministração de IPs
e-mail:
ad...@ctbc.com.br
created: 20060417
changed: 20110608
nic-hdl-br: CST87
person: Computer Security Incident Response Team
e-mail:
ab...@ctbc.com.br
created: 20051208
changed: 20111117
% Security and mail abuse issues should also be addressed to
%
cert.br,
http://www.cert.br/, respectivelly to
ce...@cert.br
% and
mail-...@cert.br
%
%
whois.registro.br accepts only direct match queries. Types
% of queries are: domain (.br), ticket, provider, ID, CIDR
% block, IP and ASN.