[TOPF] Logwatch for h2361197.stratoserver.net (Linux)

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Fri Jan 11 04:42:04 2019 Date Range Processed: yesterday ( 2019-Jan-10 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 13:12 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 5 sites probed the server 125.212.217.215 185.10.68.145 5.188.210.50 66.240.192.138 66.240.205.34 Requests with error response codes 400 Bad Request null: 17 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 2 Time(s) /css/font-awesome.min.css: 1 Time(s) /css/font-merriweather.css: 1 Time(s) /css/highlight/default.css: 1 Time(s) /css/style.css: 1 Time(s) http://5.188.210.50/echo.php: 1 Time(s) 404 Not Found /berlin/apple-touch-icon.png: 8 Time(s) /wp-login.php: 7 Time(s) /berlin//apple-touch-icon.png: 2 Time(s) /favicon.ico: 2 Time(s) /sites/all/libraries/plupload/examples/upload.php: 2 Time(s) //blog/: 1 Time(s) /berichte/WiSe14/Bericht_WiSe14-Bremen.pdf: 1 Time(s) /berlin/anreise/apple-touch-icon.png: 1 Time(s) /berlin/helfika/apple-touch-icon.png: 1 Time(s) /berlin/newsletter/apple-touch-icon.png: 1 Time(s) /berlin/orientierung/apple-touch-icon.png: 1 Time(s) /berlin/team/apple-touch-icon.png: 1 Time(s) /berlin/unterstuetzer/apple-touch-icon.png: 1 Time(s) /berlin/zapf/apple-touch-icon.png: 1 Time(s) /berlin/zeitplan/apple-touch-icon.png: 1 Time(s) /reader/1989-wi-berlin.pdf: 1 Time(s) /reader/1993-so-reader_do93.pdf: 1 Time(s) /reader/1993-wi-reader_st93.pdf: 1 Time(s) /reader/1994-wi-reader_hb94.pdf: 1 Time(s) /reader/1995-so-reader_ha95.pdf: 1 Time(s) /reader/1995-wi-reader_bn95.pdf: 1 Time(s) /reader/1998-so-reader_ro98.pdf: 1 Time(s) /sites/default/files/2009_WiSe_M%C3%BCnchen.pdf: 1 Time(s) /zapf/berichte/zapf-wise-2010: 1 Time(s) 500 Internal Server Error /robots.txt: 13 Time(s) /: 10 Time(s) /.well-known/security.txt: 1 Time(s) /favicon.ico: 1 Time(s) /sitemap.xml: 1 Time(s) 502 Bad Gateway /: 25 Time(s) /robots.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (124.89.176.204): 6 Time(s) root (135-23-135-53.cpe.pppoe.ca): 6 Time(s) root (171.15.95.58): 6 Time(s) root (218.48.59.189): 6 Time(s) root (5.167.14.19): 6 Time(s) root (65.171.50.60.kbu01-home.tm.net.my): 6 Time(s) root (78.188.77.44): 6 Time(s) root (broadband-77-37-136-40.ip.moscow.rt.ru): 6 Time(s) unknown (103.77.229.93): 6 Time(s) unknown (175.211.69.50): 6 Time(s) unknown (194.50.144.206): 6 Time(s) unknown (ool-2f145984.dyn.optonline.net): 6 Time(s) unknown (88.214.26.49): 3 Time(s) unknown (186.37.67.190): 2 Time(s) unknown (209.141.52.115): 2 Time(s) root (101.236.42.219): 1 Time(s) root (124.193.236.138): 1 Time(s) root (139.199.105.66): 1 Time(s) root (180.157.156.208): 1 Time(s) root (209.141.52.115): 1 Time(s) root (217.96.70.250): 1 Time(s) root (220.174.236.220): 1 Time(s) root (60.219.169.112): 1 Time(s) root (71.227.197.35.bc.googleusercontent.com): 1 Time(s) root (c-98-235-163-133.hsd1.pa.comcast.net): 1 Time(s) unknown (106.51.126.35): 1 Time(s) unknown (113.135.113.150): 1 Time(s) unknown (140.143.205.227): 1 Time(s) unknown (181.48.184.206): 1 Time(s) unknown (185.244.25.105): 1 Time(s) unknown (203.122.23.126): 1 Time(s) unknown (221.228.197.146): 1 Time(s) unknown (58.42.226.103): 1 Time(s) unknown (mx-ll-183.89.169-8.dynamic.3bb.co.th): 1 Time(s) unknown (oc-129-144-146-14.compute.oraclecloud.com): 1 Time(s) unknown (v3.avtosteklov.ru): 1 Time(s) Invalid Users: Unknown Account: 46 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 8 Miscellaneous warnings 5.869K Bytes accepted 6,010 5.869K Bytes sent via SMTP 6,010 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 4 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 4 Total 4xx Rejects 100.00% ======== ================================================== 81 Connections 3 Connections lost (inbound) 81 Disconnections 1 Removed from queue 1 Sent via SMTP ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 4 Time(s) root : 8 Time(s) Failed logins from: 5.167.14.19 (5x167x14x19.dynamic.irkutsk.ertelecom.ru): 6 times 35.197.227.71 (71.227.197.35.bc.googleusercontent.com): 1 time 60.50.171.65 (65.171.50.60.kbu01-home.tm.net.my): 6 times 60.219.169.112: 1 time 77.37.136.40 (broadband-77-37-136-40.ip.moscow.rt.ru): 6 times 78.188.77.44 (78.188.77.44.static.ttnet.com.tr): 6 times 98.235.163.133 (c-98-235-163-133.hsd1.pa.comcast.net): 1 time 101.236.42.219: 1 time 124.89.176.204: 6 times 124.193.236.138: 1 time 135.23.135.53 (135-23-135-53.cpe.pppoe.ca): 6 times 139.199.105.66: 1 time 171.15.95.58: 6 times 180.157.156.208: 1 time 209.141.52.115 (stark.musicatechnica.me): 1 time 217.96.70.250: 1 time 218.48.59.189: 6 times 220.174.236.220: 1 time Illegal users from: undef: 12 times 47.20.89.132 (ool-2f145984.dyn.optonline.net): 6 times 58.42.226.103: 1 time 88.214.26.49: 3 times 103.77.229.93: 6 times 106.51.126.35 (broadband.actcorp.in): 1 time 113.135.113.150: 5 times 129.144.146.14 (oc-129-144-146-14.compute.oraclecloud.com): 1 time 139.162.122.110 (scan-8.security.ipip.net): 1 time 140.143.205.227: 1 time 175.211.69.50: 6 times 181.48.184.206: 1 time 183.89.169.8 (mx-ll-183.89.169-8.dynamic.3bb.co.th): 1 time 185.244.25.105 (Dedi08.customers.kvsolutions.nl): 1 time 186.37.67.190 (client-186-37-67-190.imovil.entelpcs.cl): 2 times 188.225.77.171 (v3.avtosteklov.ru): 1 time 194.50.144.206 (206.144.kulinichi.net.ua): 6 times 203.122.23.126 (203.122.23.126.reverse.spectranet.in): 1 time 209.141.52.115 (stark.musicatechnica.me): 2 times 221.228.197.146: 1 time ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################