Report Network Hack

The document describes several failed SSH login attempts from IP addresses in China to a root username. Location lookups show one IP address is located in Shanghai, China and the other in Jiangsu, China. Blacklist checks show neither IP is listed on known blacklists.

Uploaded by

Edmar Samortin

Failed SSH login attempt from [Link] at 2020-04-13 [Link] with username root.

Failed SSH login attempt from [Link] at 2020-04-13 [Link] with username root.
Failed SSH login attempt from [Link] at 2020-04-13 [Link] with username root.
Failed SSH login attempt from [Link] at 2020-04-13 [Link] with username root.
Failed SSH login attempt from [Link] at 2020-04-13 [Link] with username root.

IP Address Geographical Location Finder


Details for [Link]
IP: [Link]
Decimal: 3736735498
Hostname: [Link]
ASN: 23650
ISP: China Telecom
Organization: China Telecom jiangsu province backbone
Services: None detected
Type: Wireless Broadband
Assignment: Likely Dynamic IP

Continent: Asia
Country: China
Latitude: 34.7725  (34° 46′ 21.00″ N)
Longitude: 113.7266  (113° 43′ 35.76″ E)

Blacklist Status

= IP Not Listed (Good!)


= IP Listed (Bad!)
= Blacklist Timeout Error
= Blacklist Offline

Details for [Link]


IP: [Link]
Decimal: 827879536
Hostname: [Link]
ASN: 4134
ISP: China Telecom
Organization: China Telecom
Services: None detected
Type: Broadband
Assignment: Likely Static IP
Blacklist:
Continent: Asia
Country: China
State/Region: Shanghai
City: Shanghai
Latitude: 31.0449  (31° 2′ 41.64″ N)
Longitude: 121.4012  (121° 24′ 4.32″ E)

Blacklist Status

= IP Not Listed (Good!)


= IP Listed (Bad!)
= Blacklist Timeout Error
= Blacklist Offline
RUN TESTING USING NETWORK MAPPING
root@kali:~# nmap -sV -Pn -A [Link]
Starting Nmap 7.70 ( [Link] ) at 2020-04-13 09:20 EDT
Nmap scan report for [Link]
Host is up (1.5s latency).
Not shown: 999 filtered ports
PORT STATE SERVICE VERSION
443/tcp open https Apache
|_http-server-header: Apache
|_http-title: User Portal
| ssl-cert: Subject: commonName=[Link]/organizationName=CEZA/countryName=ph
| Subject Alternative Name: DNS:[Link]
| Not valid before: 2020-03-13T[Link]
|_Not valid after: 2022-05-22T[Link]
|_ssl-date: TLS randomness does not represent time
| tls-alpn:
|_ http/1.1
Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
Device type: general purpose
Running (JUST GUESSING): Linux 4.X (92%)
OS CPE: cpe:/o:linux:linux_kernel:4.4
Aggressive OS guesses: Linux 4.4 (92%)
No exact OS matches for host (test conditions non-ideal).
Network Distance: 9 hops

TRACEROUTE (using port 443/tcp)


HOP RTT ADDRESS
1 59.40 ms [Link]
2 59.85 ms [Link]
3 93.00 ms [Link]
4 71.32 ms [Link]
5 ...
6 60.10 ms [Link]
7 ...
8 131.45 ms [Link]
9 111.57 ms [Link]

OS and Service detection performed. Please report any incorrect results at [Link] .
Nmap done: 1 IP address (1 host up) scanned in 879.41 seconds

Summary for Network Mapping Testing
