When I checked the fail2ban log on a CentOS 7 server today, I found that two IP addresses assigned to to a system or systems in China had been banned 385 times in the past week because of repeated failed attempts to break into the system via Secure Shell (SSH) logins. The IP addresses were:
183.3.202.183
183.3.202.184
When I checked for whether others had noted hostile activity from those IP addresses at the Internet Storm Center, I found that others had reported such activity from the two IP addresses starting on March 30, 2016 and continuing through today.
[ More Info ]