—–begin warning.pot.alert.repeat—–
warned: 2012 Mar 17 14:15:51.92 [Warning]: Honeypot entry from r_host:58.26.207.170[masqueraded] s_port 22 on t_host:kuchingfest.com d_port:22 mangled ssl packet: userid: root password: ******** [password.db match: [desc]legacy SAINS Base DN: o=SAINS, ldap_host=ldap.sains.com.my]
warned: 2012 Mar 24 20:23:15.66 [Warning]: Honeypot entry from r_host:58.26.207.170[masqueraded] s_port 22 on t_host:kuchingfest.com d_port:22 mangled ssl packet: userid: root password: ******** [password.db match: [desc]legacy SAINS Base DN: o=SAINS, ldap_host=ldap.sains.com.my]
Alert! 2012 Mar 24 22:23:17.41 [notify]: Repeated attempts from r_host:58.26.207.170[masqueraded] s_port=22 on t_host:kuchingfest.com d_port:22 mangled ssl packet. flag:ACC_TRAP_LEGACY, ACC_SSH, ACC_IP_PROXY_SRC_REVERSE, R_ANONYMOUS_PROXY_DETECTED[219.93.178.162], R_TUNNEL_TRAP, TCP_HEADER_MANGLED_REVERSED[58.26.207.170],ACC_REPEAT,A_TRAPPED
WHOIS 58.26.207.170
% [whois.apnic.net node-4]
% Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
inetnum: 58.26.0.0 – 58.27.127.255
netname: TMNET-MY
descr: TMnet TELEKOM MALAYSIA,
descr: Level 25 (South), Menara Telekom, Jalan Pantai Baru,
descr: 50672 Kuala Lumpur.
country: MY
admin-c: TA35-AP
tech-c: TA35-AP
status: ALLOCATED PORTABLE
mnt-by: APNIC-HM
mnt-lower: TM-NET-AP
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
remarks: This object can only be updated by APNIC hostmasters.
remarks: To update this object, please contact APNIC
remarks: hostmasters and include your organisation’s account
remarks: name in the subject line.
remarks: -+-+-+-+-+-+-+-+-+-+-+-++-+-+-+-+-+-+-+-+-+-+-+-+-+-+
changed: hm-changed@apnic.net 20050303
changed: hm-changed@apnic.net 20070209
source: APNIC
route: 58.26.192.0/18
descr: TMnet route object
origin: AS4788
mnt-by: TM-NET-AP
changed: roshime@tm.com.my 20090220
source: APNIC
role: TMNET IP Administrators
address: Telekom Malaysia
address: Jalan Pantai Baru, Kuala Lumpur.
country: MY
phone: +6-1800-88-2646
phone: +603-83185434
fax-no: +603-22402126
remarks: dnsadm@tmnet.com.my
remarks: tm_osc@tmnet.com.my [TMDirect]
remarks: ssc@tmnet.com.my [Streamyx]
remarks: abuse@tm.net.my
e-mail: ipno@tm.net.my
admin-c: AS115-AP
tech-c: SM135-AP
nic-hdl: TA35-AP
mnt-by: TM-NET-AP
changed: hm-changed@apnic.net 20070209
changed: hm-changed@apnic.net 20110325
source: APNIC
yankfurther.ip 58.26.207.170
IP:
58.26.207.170
server location:
Kuching in Malaysia
ISP:
TMnet Telekom Malaysia
IP: 58.26.207.170
IP Country: Malaysia
This IP address resolves to proxy1.swinburne.edu.my
—–end warning.pot.alert.repeat—–
