Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Tue Oct 15 04:42:05 2019
Date Range Processed: yesterday
( 2019-Oct-14 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [153:152]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 8 sites probed the server
Requests with error response codes
400 Bad Request
null: 9 Time(s)
../../mnt/custom/ProductDefinition: 2 Time(s)
mstshash=Administr: 2 Time(s)
/dana-na/../dana/html5acc/guacamole/../../ ... 5acc/guacamole/: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
404 Not Found
/robots.txt: 39 Time(s)
/wp-login.php: 4 Time(s)
/berlin/apple-touch-icon.png: 2 Time(s)
/reader/2016_sose_konstanz_lang.pdf: 1 Time(s)
/reader/2017_SoSe_Berlin_vorlaeufig.pdf%7C: 1 Time(s)
/reader/https//zapf.wiki/User:Kuschelb%C3%A4r9000: 1 Time(s)
/verein/satzung/%7CSatzung: 1 Time(s)
500 Internal Server Error
/: 14 Time(s)
//xmlrpc.php: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 1030 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
1 Miscellaneous warnings
18.881K Bytes accepted 19,334
18.881K Bytes sent via SMTP 19,334
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
1879 Connections
1873 Connections lost (inbound)
1880 Disconnections
1 Removed from queue
1 Sent via SMTP
1 SMTP dialog errors
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 1 Time(s)
Failed logins from:
Illegal users from:
undef: 853 times
**Unmatched Entries**
error: Received disconnect from 81.47.160.157: 3: com.jcraft.jsch.JSchException: Auth fail [preauth] : 8 time(s)
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 3 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 2 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
6 years
App and Mail
by Paul Fleing
Hello dear TOPF,
I wanted to follow up on whether the mail addresses Timo@zapf and
Nadja@zapf have been set up yet, since I wrote a test mail today
and both bounced. They are the
Orga's persons of trust, and I would be glad to know that
the mail addresses work.
I also wanted to ask how things look with the app. Have you
deployed it yet?
Kind regards from Freiburg
Paul
6 years
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Mon Oct 14 04:42:06 2019
Date Range Processed: yesterday
( 2019-Oct-13 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [204:205]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
112.66.103.93 -> zapf.wiki:443: 1 Time(s)
60.191.52.254 -> zapf.wiki:443: 1 Time(s)
A total of 2 sites probed the server
154.47.32.66
61.219.11.153
Requests with error response codes
400 Bad Request
mstshash=Administr: 4 Time(s)
null: 2 Time(s)
zapf.wiki:443: 2 Time(s)
/manager/html: 1 Time(s)
/manager/text/list: 1 Time(s)
404 Not Found
/robots.txt: 37 Time(s)
/berlin/apple-touch-icon.png: 4 Time(s)
/node: 2 Time(s)
/protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s)
/reader/2016_sose_konstanz_lang.pdf: 1 Time(s)
/resolutionen/sose17/gesellschaftlich_vera ... wantwortung.pdf: 1 Time(s)
/wp-login.php: 1 Time(s)
408 Request Timeout
/reader/2014-SoSe_Duesseldorf.pdf: 1 Time(s)
500 Internal Server Error
/: 8 Time(s)
/api/v1/pod: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 1284 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
2 Miscellaneous warnings
18.092K Bytes accepted 18,526
18.092K Bytes sent via SMTP 18,526
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
3 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
3 Total 4xx Rejects 100.00%
======== ==================================================
1485 Connections
1468 Connections lost (inbound)
1484 Disconnections
1 Removed from queue
1 Sent via SMTP
5 Timeouts (inbound)
2 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 3 Time(s)
Failed logins from:
Illegal users from:
undef: 1000 times
**Unmatched Entries**
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 4 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 3 time(s)
error: Received disconnect from 81.47.160.157: 3: com.jcraft.jsch.JSchException: Auth fail [preauth] : 6 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
6 years
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sun Oct 13 04:42:07 2019
Date Range Processed: yesterday
( 2019-Oct-12 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [284:284]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 1 sites probed the server
183.129.160.229
Requests with error response codes
400 Bad Request
mstshash=Administr: 6 Time(s)
/: 2 Time(s)
../../mnt/custom/ProductDefinition: 1 Time(s)
null: 1 Time(s)
404 Not Found
/robots.txt: 28 Time(s)
/berlin/apple-touch-icon.png: 4 Time(s)
/wp-login.php: 4 Time(s)
/berlin/orientierung/apple-touch-icon.png: 1 Time(s)
/protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s)
/sites/default/files/2011_WiSe_Bonn.pdf: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
500 Internal Server Error
/: 93 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 1240 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
3 Miscellaneous warnings
18.092K Bytes accepted 18,526
18.092K Bytes sent via SMTP 18,526
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
35 Connections
23 Connections lost (inbound)
35 Disconnections
1 Removed from queue
1 Sent via SMTP
2 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 2 Time(s)
Failed logins from:
Illegal users from:
undef: 953 times
**Unmatched Entries**
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 3 time(s)
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 3 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
6 years
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Oct 12 04:42:08 2019
Date Range Processed: yesterday
( 2019-Oct-11 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [289:291]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 3 sites probed the server
172.104.242.173
176.58.124.134
61.219.11.153
Requests with error response codes
400 Bad Request
null: 4 Time(s)
/: 3 Time(s)
mstshash=Administr: 1 Time(s)
404 Not Found
/robots.txt: 26 Time(s)
/berlin/apple-touch-icon.png: 5 Time(s)
/user/register?destination=comment/reply/13%23comment-form: 2 Time(s)
/user/register?destination=comment/reply/15%23comment-form: 2 Time(s)
/user/register?destination=comment/reply/20%23comment-form: 2 Time(s)
/user/register?destination=comment/reply/24%23comment-form: 2 Time(s)
/user/register?destination=comment/reply/32%23comment-form: 2 Time(s)
/user/register?destination=comment/reply/33%23comment-form: 2 Time(s)
/user/register?destination=comment/reply/9%23comment-form: 2 Time(s)
/neuigkeiten/einladung-mgv-ws2011: 1 Time(s)
/sites/default/files/2004_WiSe_Hamburg.pdf: 1 Time(s)
/sites/default/files/2009_WiSe_M%C3%BCnchen.pdf: 1 Time(s)
/sites/default/files/2010-11-26%20vorgesch ... A4nderungen.pdf: 1 Time(s)
500 Internal Server Error
/: 116 Time(s)
/api/v1/pod: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 1205 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
580 Miscellaneous warnings
19.573K Bytes accepted 20,043
19.573K Bytes sent via SMTP 20,043
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
644 Connections
631 Connections lost (inbound)
644 Disconnections
1 Removed from queue
1 Sent via SMTP
2 Timeouts (inbound)
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 5 Time(s)
Failed logins from:
Illegal users from:
undef: 956 times
**Unmatched Entries**
Disconnecting: Packet corrupt [preauth] : 1 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 7 time(s)
Bad packet length 521343747. [preauth] : 1 time(s)
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 2 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
6 years
[MediaWiki-announce] MediaWiki Extensions Security Release Supplement
by Scott Bassett
Greetings-
With the security/maintenance release of MediaWiki 1.31.4 / 1.32.4 / 1.33.1
[0], we would also like to provide this supplementary announcement of
wmf-deployed extensions [1] with now-public security patches and backports
[2]:
== MobileFrontend ==
* (T229541, CVE-2019-14807) - Javascript injection in edit summary on
mobile site.
<https://gerrit.wikimedia.org/r/q/I0cb918f8148d1782882e104d127f08cbfa23e542>
* (T230576, CVE-2019-15124) - XSS in edit summary for ex:MobileFrontend
Special:Watchlist
<https://gerrit.wikimedia.org/r/q/If4e91093c676de3391e6dde415c8c91c1f582998>
== CheckUser ==
* (T207094 [task to remain private], CVE-2019-16529) - Oversighted edit
summaries still visible in CheckUser results
<https://gerrit.wikimedia.org/r/q/I3d28bd9f14c1237a34afcd2e4479152f571e29a6>
== AbuseFilter ==
* (T224203 [task to remain private], CVE-2019-16528) - Oversighting the
user who performed an edit doesn't hide it from the abuse filter log
<https://gerrit.wikimedia.org/r/q/If3d3256404d0f3dbde171831937d1a816b3e2734>
The Wikimedia Security Team recommends updating these extensions to the
current master branch or supported release branches [3] as soon as
possible. As you may have noticed, some of the referenced Phabricator tasks
above are still private. Unfortunately, when security issues are reported,
sometimes sensitive information is exposed and since Phabricator is
historical, we cannot make these tasks public without exposing this
sensitive information. If you have any additional questions or concerns,
please feel free to contact security(a)wikimedia.org or file a security task
within Phabricator.
[0]
https://lists.wikimedia.org/pipermail/wikitech-l/2019-October/092656.html
[1] https://w.wiki/9hi
[2] https://phabricator.wikimedia.org/T232113
[3] https://www.mediawiki.org/wiki/Version_lifecycle
--
Scott Bassett
sbassett(a)wikimedia.org
_______________________________________________
MediaWiki announcements mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce
6 years
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Fri Oct 11 04:42:07 2019
Date Range Processed: yesterday
( 2019-Oct-10 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [300:300]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 5 sites probed the server
167.99.187.122
172.104.242.173
183.129.160.229
5.188.210.101
80.82.77.139
Requests with error response codes
400 Bad Request
null: 11 Time(s)
mstshash=Administr: 8 Time(s)
/: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
404 Not Found
/robots.txt: 35 Time(s)
/berlin/apple-touch-icon.png: 8 Time(s)
/sites/default/files/1995_SoSe_Hannover.pdf: 1 Time(s)
/wp-login.php: 1 Time(s)
/zapf/geschaeftsordnung: 1 Time(s)
500 Internal Server Error
/: 14 Time(s)
/.well-known/security.txt: 1 Time(s)
/favicon.ico: 1 Time(s)
/robots.txt: 1 Time(s)
/sitemap.xml: 1 Time(s)
/srcheck/10/10/2019-004228/81.169.150.252/_/: 1 Time(s)
/srcheck/10/10/2019-081434/81.169.150.252/_/: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 1375 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
9 Miscellaneous warnings
19.247K Bytes accepted 19,709
19.247K Bytes sent via SMTP 19,709
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
73 Connections
64 Connections lost (inbound)
73 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 9 Time(s)
Failed logins from:
Illegal users from:
undef: 1083 times
**Unmatched Entries**
fatal: Unable to negotiate a key exchange method [preauth] : 1 time(s)
Bad packet length 2715869341. [preauth] : 1 time(s)
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 3 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 6 time(s)
Disconnecting: Packet corrupt [preauth] : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
6 years
DOMAIN zapf.wiki RENEWAL SUCCESSFUL
by no-reply@inwx.de
DOMAIN: zapf.wiki
PERIOD: 1
PERIODTIMEUNIT: Y
-----------------------------------------------------------------------------------
DOMAIN RENEWAL SUCCESSFUL
-----------------------------------------------------------------------------------
6 years
Your account is being used by another person!
by topf@zapf.in
Hello!
I have very bad news for you.
17/07/2019 - on this day I hacked your OS and got full access to your account topf(a)zapf.in.
You can check it - I sent this message from your account.
So, you can change the password, yes.. But my malware intercepts it every time.
How I made it:
In the software of the router, through which you went online, was a vulnerability.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.
After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).
A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
I'm talk you about sites for adults.
I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!
And I got an idea....
I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
Turned out amazing! You are so spectacular!
I'm know that you would not like to show these screenshots to your friends, relatives or colleagues.
I think $960 is a very, very small amount for my silence.
Besides, I have been spying on you for so long, having spent a lot of time!
Pay ONLY in Bitcoins!
My BTC wallet: 15yF8WkUg8PRjJehYW4tGdqcyzc4z7dScM
You do not know how to use bitcoins?
Enter a query in any search engine: "how to replenish btc wallet".
It's extremely easy
For this payment I give you two days (48 hours).
As soon as this letter is opened, the timer will work.
After payment, my virus and dirty screenshots with your enjoys will be self-destruct automatically.
If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive a screenshots with your "enjoys".
I hope you understand your situation.
- Do not try to find and destroy my virus! (All your data, files and screenshots is already uploaded to a remote server)
- Do not try to contact me (you yourself will see that this is impossible, I sent you an email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.
P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
This is the word of honor hacker.
I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.
Do not hold evil! I just do my job.
Good luck.
6 years