Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Thu Oct 10 04:42:06 2019
Date Range Processed: yesterday
( 2019-Oct-09 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [295:291]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 1 sites probed the server
61.219.11.153
Requests with error response codes
400 Bad Request
mstshash=Administr: 4 Time(s)
null: 4 Time(s)
../../mnt/custom/ProductDefinition: 1 Time(s)
/: 1 Time(s)
/robots.txt: 1 Time(s)
404 Not Found
/robots.txt: 41 Time(s)
/berlin/apple-touch-icon.png: 6 Time(s)
/wp-login.php: 2 Time(s)
/reader/2017_SoSe_Berlin_vorlaeufig.pdf: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
500 Internal Server Error
/: 60 Time(s)
/81.169.150.252/_/: 1 Time(s)
/cgi-bin/config.exp: 1 Time(s)
/default: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 1124 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
25 Miscellaneous warnings
19.687K Bytes accepted 20,159
19.687K Bytes sent via SMTP 20,159
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
3 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
3 Total 4xx Rejects 100.00%
======== ==================================================
62 Connections
49 Connections lost (inbound)
62 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 2 Time(s)
Failed logins from:
Illegal users from:
undef: 931 times
**Unmatched Entries**
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 3 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 7 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
6 years
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Wed Oct 9 04:42:05 2019
Date Range Processed: yesterday
( 2019-Oct-08 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [341:346]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 3 sites probed the server
125.64.94.220
183.129.160.229
66.240.205.34
Requests with error response codes
400 Bad Request
mstshash=Administr: 4 Time(s)
null: 3 Time(s)
/setup.cgi?next_file=netgear.cfg&todo=sysc ... ntsetting.htm=1: 1 Time(s)
404 Not Found
/robots.txt: 27 Time(s)
/berlin/apple-touch-icon.png: 4 Time(s)
/wp-login.php: 3 Time(s)
/berlin/helfika/apple-touch-icon.png: 1 Time(s)
/protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s)
/reader/commit/f296a13ca2c01c535b80f726f1d0e62f3620d14e: 1 Time(s)
/resolutionen/sose17/studiengebuehren/stud ... _D3EC20zJOs\x22: 1 Time(s)
/sites/default/files/1999_SoSe_Karlsruhe.pdf: 1 Time(s)
/verein%7C: 1 Time(s)
500 Internal Server Error
/: 110 Time(s)
/a2billing/admin/Public/index.php: 1 Time(s)
/admin/assets/js/views/login.js: 1 Time(s)
/admin/config.php: 1 Time(s)
/admin/i18n/readme.txt: 1 Time(s)
/favicon.ico: 1 Time(s)
/recordings/theme/main.css: 1 Time(s)
/version: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 1333 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
14 Miscellaneous warnings
18.970K Bytes accepted 19,425
18.970K Bytes sent via SMTP 19,425
======== ==================================================
2 Accepted 100.00%
-------- --------------------------------------------------
2 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
131 Connections
120 Connections lost (inbound)
131 Disconnections
2 Removed from queue
2 Sent via SMTP
2 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 3 Time(s)
Failed logins from:
Illegal users from:
undef: 1061 times
**Unmatched Entries**
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 3 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 5 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
6 years
High danger. Your account was attacked.
by topf@zapf.in
Hello!
I have very bad news for you.
17/07/2019 - on this day I hacked your OS and got full access to your account topf@zapf.in.
You can check it - I sent this message from your account.
So, you can change the password, yes.. But my malware intercepts it every time.
How I made it:
In the software of the router, through which you went online, was a vulnerability.
I just hacked this router and placed my malicious code on it.
When you went online, my trojan was installed on the OS of your device.
After that, I made a full dump of your disk (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).
A month ago, I wanted to lock your device and ask for a not big amount of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
I'm talking to you about sites for adults.
I want to say - you are a BIG pervert. Your fantasy is shifted far away from the normal course!
And I got an idea....
I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
Turned out amazing! You are so spectacular!
I know that you would not like to show these screenshots to your friends, relatives or colleagues.
I think $960 is a very, very small amount for my silence.
Besides, I have been spying on you for so long, having spent a lot of time!
Pay ONLY in Bitcoins!
My BTC wallet: 15yF8WkUg8PRjJehYW4tGdqcyzc4z7dScM
You do not know how to use bitcoins?
Enter a query in any search engine: "how to replenish btc wallet".
It's extremely easy
For this payment I give you two days (48 hours).
As soon as this letter is opened, the timer will work.
After payment, my virus and dirty screenshots with your enjoys will self-destruct automatically.
If I do not receive from you the specified amount, then your device will be locked, and all your contacts will receive screenshots with your "enjoys".
I hope you understand your situation.
- Do not try to find and destroy my virus! (All your data, files and screenshots are already uploaded to a remote server)
- Do not try to contact me (you yourself will see that this is impossible, I sent you an email from your account)
- Various security services will not help you; formatting a disk or destroying a device will not help, since your data is already on a remote server.
P.S. You are not my single victim. so, I guarantee you that I will not disturb you again after payment!
This is a hacker's word of honor.
I also ask you to regularly update your antiviruses in the future. This way you will no longer fall into a similar situation.
Do not hold evil! I just do my job.
Good luck.
6 years
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Tue Oct 8 04:42:07 2019
Date Range Processed: yesterday
( 2019-Oct-07 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [299:297]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 2 sites probed the server
157.245.66.20
183.129.160.229
Requests with error response codes
400 Bad Request
mstshash=Administr: 4 Time(s)
../../mnt/custom/ProductDefinition: 3 Time(s)
/Pages/login.htm: 2 Time(s)
null: 2 Time(s)
/robots.txt: 1 Time(s)
/setup.cgi?next_file=netgear.cfg&todo=sysc ... ntsetting.htm=1: 1 Time(s)
404 Not Found
/robots.txt: 39 Time(s)
/berlin/apple-touch-icon.png: 6 Time(s)
/wp-login.php: 4 Time(s)
/home/zapf: 1 Time(s)
/reader/2016_sose_konstanz_lang.pdf: 1 Time(s)
/reader/2017_SoSe_Berlin_lang.pdf: 1 Time(s)
/reader/WiSe14_AK_GO_und_Satzungs%C3%A4nderung.pdf: 1 Time(s)
/resolutionen/wise17/Akkreditierung_PosPap/Pospap_: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... Fach_Physik.pdf: 1 Time(s)
413 Request Entity Too Large
/msdn.cpp: 1 Time(s)
500 Internal Server Error
/: 14 Time(s)
/remote/login: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 1234 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
21 Miscellaneous warnings
21.435K Bytes accepted 21,949
21.435K Bytes sent via SMTP 21,949
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
31 Connections
23 Connections lost (inbound)
31 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 9 Time(s)
Failed logins from:
Illegal users from:
undef: 1024 times
**Unmatched Entries**
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 3 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 8 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
6 years
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Mon Oct 7 04:42:07 2019
Date Range Processed: yesterday
( 2019-Oct-06 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [215:216]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 3 sites probed the server
183.129.160.229
185.153.196.219
61.219.11.153
Requests with error response codes
400 Bad Request
null: 4 Time(s)
mstshash=Administr: 3 Time(s)
/: 2 Time(s)
../../mnt/custom/ProductDefinition: 1 Time(s)
/Pages/login.htm: 1 Time(s)
/manager/html: 1 Time(s)
/manager/text/list: 1 Time(s)
404 Not Found
/robots.txt: 29 Time(s)
/berlin/apple-touch-icon.png: 14 Time(s)
/wp-login.php: 5 Time(s)
/protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s)
/resolutionen/sose14/reso_sose14_zusammenarbeitzapf-che.pdf: 1 Time(s)
/resolutionen/sose15/Netzneutralitaet_in_U ... %A4tsnetzen.pdf: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
500 Internal Server Error
/: 7 Time(s)
/favicon.ico: 2 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 1071 Time(s)
sudo:
Sessions Opened:
deployment -> root: 1 Time(s)
systemd-user:
Unknown Entries:
session closed for user deployment: 2 Time(s)
session opened for user root by (uid=0): 2 Time(s)
session closed for user root: 1 Time(s)
session opened for user deployment by (uid=0): 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
14 Miscellaneous warnings
24.113K Bytes accepted 24,692
24.113K Bytes sent via SMTP 24,692
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
3 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
3 Total 4xx Rejects 100.00%
======== ==================================================
593 Connections
583 Connections lost (inbound)
593 Disconnections
1 Removed from queue
1 Sent via SMTP
4 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- Connections (secure-log) Begin ------------------------
**Unmatched Entries**
slapd: DIGEST-MD5 common mech free: 1 Time(s)
---------------------- Connections (secure-log) End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 4 Time(s)
root : 3 Time(s)
Failed logins from:
Illegal users from:
undef: 823 times
Users logging in through sshd:
deployment:
141.23.137.49 (client-141-23-137-49.wlan.tu-berlin.de): 2 times
root:
194.95.94.56 (wlangw.udk-berlin.de): 2 times
**Unmatched Entries**
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 4 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 4 time(s)
---------------------- SSHD End -------------------------
--------------------- Sudo (secure-log) Begin ------------------------
deployment => root
------------------
/bin/bash - 1 Time(s).
---------------------- Sudo (secure-log) End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
6 years
Let's Encrypt certificate expiration notice for domain "hetzner.zapf.in"
by Let's Encrypt Expiry Bot
Hello,
Your certificate (or certificates) for the names listed below will expire in 19 days (on 26 Oct 19 21:05 +0000). Please make sure to renew your certificate before then, or visitors to your website will encounter errors.
We recommend renewing certificates automatically when they have a third of their
total lifetime left. For Let's Encrypt's current 90-day certificates, that means
renewing 30 days before expiration. See
https://letsencrypt.org/docs/integration-guide/ for details.
hetzner.zapf.in
For any questions or support, please visit https://community.letsencrypt.org/. Unfortunately, we can't provide support by email.
For details about when we send these emails, please visit https://letsencrypt.org/docs/expiration-emails/. In particular, note that this reminder email is still sent if you've obtained a slightly different certificate by adding or removing names. If you've replaced this certificate with a newer one that covers more or fewer names than the list above, you may be able to ignore this message.
If you are receiving this email in error, unsubscribe at http://mandrillapp.com/track/unsub.php?u=30850198&id=423eb74775a64aecb5d2...
Regards,
The Let's Encrypt Team
6 years
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sun Oct 6 04:42:11 2019
Date Range Processed: yesterday
( 2019-Oct-05 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [233:229]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 3 sites probed the server
172.104.242.173
176.58.124.134
185.31.163.237
Requests with error response codes
400 Bad Request
/Pages/login.htm: 4 Time(s)
null: 3 Time(s)
../../mnt/custom/ProductDefinition: 1 Time(s)
/: 1 Time(s)
/shell?busybox: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
7: 1 Time(s)
mstshash=Administr: 1 Time(s)
404 Not Found
/robots.txt: 35 Time(s)
/berlin/apple-touch-icon.png: 4 Time(s)
/.well-known/openpgpkey/hu/qs1j67f594iidts ... qm5t?l=vorstand: 1 Time(s)
/berlin/orientierung/apple-touch-icon.png: 1 Time(s)
/neuigkeiten/einladung-mgv-ss2011: 1 Time(s)
/neuigkeiten/einladung-mgv-ws2011: 1 Time(s)
/reader/2016_sose_konstanz_lang.pdf: 1 Time(s)
/wp-login.php: 1 Time(s)
500 Internal Server Error
/: 87 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 1123 Time(s)
sudo:
Sessions Opened:
deployment -> root: 3 Time(s)
systemd-user:
Unknown Entries:
session opened for user deployment by (uid=0): 3 Time(s)
session closed for user deployment: 2 Time(s)
session closed for user root: 2 Time(s)
session opened for user root by (uid=0): 2 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
17 Miscellaneous warnings
16.354K Bytes accepted 16,746
16.354K Bytes sent via SMTP 16,746
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
43 Connections
33 Connections lost (inbound)
43 Disconnections
1 Removed from queue
1 Sent via SMTP
2 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 6 Time(s)
Failed logins from:
Illegal users from:
undef: 853 times
Users logging in through sshd:
deployment:
87.77.234.215 (zead7.pia.fu-berlin.de): 3 times
141.23.137.49 (client-141-23-137-49.wlan.tu-berlin.de): 2 times
root:
194.95.94.56 (wlangw.udk-berlin.de): 2 times
**Unmatched Entries**
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 4 time(s)
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 4 time(s)
---------------------- SSHD End -------------------------
--------------------- Sudo (secure-log) Begin ------------------------
deployment => root
------------------
/bin/bash - 3 Time(s).
---------------------- Sudo (secure-log) End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 242G 159G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
6 years