[TOPF] Logwatch for h2361197.stratoserver.net (Linux)

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Mon Jan 7 04:42:04 2019 Date Range Processed: yesterday ( 2019-Jan-06 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 12:12 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 185.232.21.197 -> www.msftncsi.com:443: 1 Time(s) 185.232.21.198 -> www.msftncsi.com:443: 1 Time(s) 185.232.21.199 -> www.msftncsi.com:443: 1 Time(s) Requests with error response codes 400 Bad Request www.msftncsi.com:443: 3 Time(s) /: 1 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s) /xxbb: 1 Time(s) 404 Not Found /wp-login.php: 5 Time(s) /HNAP1/: 2 Time(s) /PhpMyAdmin-2.6.2-rc1/: 2 Time(s) /PhpMyAdmin-2.6.3/: 2 Time(s) /berlin/apple-touch-icon.png: 2 Time(s) /Admin/: 1 Time(s) /AgSearch/SQlite/main.php: 1 Time(s) /Dbadmin/: 1 Time(s) /Hudson/script: 1 Time(s) /Main.php: 1 Time(s) /Myadmin/: 1 Time(s) /Mysql-admin/: 1 Time(s) /Mysql/: 1 Time(s) /Mysqladmin/: 1 Time(s) /Mysqlmanager/: 1 Time(s) /Openserver/phpmyadmin/: 1 Time(s) /P/m/a/: 1 Time(s) /PMA/: 1 Time(s) /PMA2005/: 1 Time(s) /Php-my-admin/: 1 Time(s) /Php-myadmin/: 1 Time(s) /PhpMyAdmin-2.2.3/: 1 Time(s) /PhpMyAdmin-2.2.6/: 1 Time(s) /PhpMyAdmin-2.5.1/: 1 Time(s) /PhpMyAdmin-2.5.4/: 1 Time(s) /PhpMyAdmin-2.5.5-pl1/: 1 Time(s) /PhpMyAdmin-2.5.5-rc1/: 1 Time(s) /PhpMyAdmin-2.5.5-rc2/: 1 Time(s) /PhpMyAdmin-2.5.5/: 1 Time(s) /PhpMyAdmin-2.5.6-rc1/: 1 Time(s) /PhpMyAdmin-2.5.6-rc2/: 1 Time(s) /PhpMyAdmin-2.5.6/: 1 Time(s) /PhpMyAdmin-2.5.7-pl1/: 1 Time(s) /PhpMyAdmin-2.5.7/: 1 Time(s) /PhpMyAdmin-2.6.0-alpha/: 1 Time(s) /PhpMyAdmin-2.6.0-alpha2/: 1 Time(s) /PhpMyAdmin-2.6.0-beta1/: 1 Time(s) /PhpMyAdmin-2.6.0-beta2/: 1 Time(s) /PhpMyAdmin-2.6.0-pl1/: 1 Time(s) /PhpMyAdmin-2.6.0-pl2/: 1 Time(s) /PhpMyAdmin-2.6.0-pl3/: 1 Time(s) /PhpMyAdmin-2.6.0-rc1/: 1 Time(s) /PhpMyAdmin-2.6.0-rc2/: 1 Time(s) /PhpMyAdmin-2.6.0-rc3/: 1 Time(s) /PhpMyAdmin-2.6.0/: 1 Time(s) /PhpMyAdmin-2.6.1-pl1/: 1 Time(s) /PhpMyAdmin-2.6.1-pl2/: 1 Time(s) /PhpMyAdmin-2.6.1-pl3/: 1 Time(s) /PhpMyAdmin-2.6.1-rc1/: 1 Time(s) /PhpMyAdmin-2.6.1-rc2/: 1 Time(s) /PhpMyAdmin-2.6.1/: 1 Time(s) /PhpMyAdmin-2.6.2-beta1/: 1 Time(s) /PhpMyAdmin-2.6.2-pl1/: 1 Time(s) /PhpMyAdmin-2.6.2/: 1 Time(s) /PhpMyAdmin-2.6.3-pl1/: 1 Time(s) /PhpMyAdmin-2.6.3-rc1/: 1 Time(s) /PhpMyAdmin-2.6.4-pl1/: 1 Time(s) /PhpMyAdmin-2.6.4-pl2/: 1 Time(s) /PhpMyAdmin-2.6.4-pl3/: 1 Time(s) /PhpMyAdmin-2.6.4-pl4/: 1 Time(s) /PhpMyAdmin-2.6.4-rc1/: 1 Time(s) /PhpMyAdmin-2.6.4/: 1 Time(s) /PhpMyAdmin-2.7.0-beta1/: 1 Time(s) /PhpMyAdmin-2.7.0-pl1/: 1 Time(s) /PhpMyAdmin-2.7.0-pl2/: 1 Time(s) /PhpMyAdmin-2.7.0-rc1/: 1 Time(s) /PhpMyAdmin-2.7.0/: 1 Time(s) /PhpMyAdmin-2.8.0-beta1/: 1 Time(s) /PhpMyAdmin-2.8.0-rc1/: 1 Time(s) /PhpMyAdmin-2.8.0-rc2/: 1 Time(s) /PhpMyAdmin-2.8.0.1/: 1 Time(s) /PhpMyAdmin-2.8.0.2/: 1 Time(s) /PhpMyAdmin-2.8.0.3/: 1 Time(s) /PhpMyAdmin-2.8.0.4/: 1 Time(s) /PhpMyAdmin-2.8.0/: 1 Time(s) /PhpMyAdmin-2.8.1-rc1/: 1 Time(s) /PhpMyAdmin-2.8.1/: 1 Time(s) /PhpMyAdmin-2.8.2/: 1 Time(s) /PhpMyAdmin-2/: 1 Time(s) /PhpMyAdmin/: 1 Time(s) /PhpMyAdmin2/: 1 Time(s) /Phpmanager/: 1 Time(s) /Phpmy-admin/: 1 Time(s) /Phpmyadmin/: 1 Time(s) /Phpmyadmin2/: 1 Time(s) /Pma/: 1 Time(s) /Pma2005/: 1 Time(s) /SQLite/main.php: 1 Time(s) /SQLiteManager-1.2.4/main.php: 1 Time(s) /SQLiteManager/main.php: 1 Time(s) /SQlite/main.php: 1 Time(s) /Script: 1 Time(s) /Sqlite/main.php: 1 Time(s) /Sqlitemanager/main.php: 1 Time(s) /Sqlmanager/: 1 Time(s) /Sqlweb/: 1 Time(s) /Test/sqlite/SQLiteManager-1.2.0/SQLiteMan ... -1.2.0/main.php: 1 Time(s) /Webadmin/: 1 Time(s) /Webdb/: 1 Time(s) /Websql/: 1 Time(s) /__media__/js/netsoltrademark.php?d=zkdwqlrq.gq: 1 Time(s) /favicon.ico: 1 Time(s) /home/verein: 1 Time(s) /home/zapf: 1 Time(s) /robots.txt: 1 Time(s) /wp-content/plugins/image-clipboard/readme.txt: 1 Time(s) 499 (undefined) /socket.io/?noteId=qRl9jCmqTyC2xAIuytnpHA& ... kQiqd4hsI_XAAAJ: 1 Time(s) 500 Internal Server Error /: 6 Time(s) //libs/js/iframe.js: 1 Time(s) /robots.txt: 1 Time(s) 502 Bad Gateway /: 24 Time(s) /robots.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (103.98.189.80): 6 Time(s) root (117.168.228.225): 6 Time(s) root (42.56.32.252): 6 Time(s) root (78.188.13.253): 6 Time(s) unknown (118.72.168.148): 6 Time(s) unknown (140.143.134.86): 5 Time(s) unknown (16.154.198.104.bc.googleusercontent.com): 5 Time(s) unknown (178.128.221.237): 5 Time(s) unknown (106.12.14.136): 3 Time(s) unknown (106.2.1.241): 3 Time(s) unknown (139.199.207.31): 3 Time(s) unknown (193.68.185.35.bc.googleusercontent.com): 3 Time(s) unknown (218.60.148.61): 3 Time(s) unknown (41.159.18.20): 3 Time(s) unknown (52.246.254.177): 3 Time(s) unknown (88.214.26.49): 2 Time(s) unknown (aputeaux-652-1-35-227.w83-204.abo.wanadoo.fr): 2 Time(s) unknown (ip4d14ee86.dynamic.kabel-deutschland.de): 2 Time(s) root (113.161.88.235): 1 Time(s) root (217.61.58.21): 1 Time(s) unknown (106.12.6.74): 1 Time(s) unknown (14.184.64.105): 1 Time(s) unknown (168-205-38-206.wantel.net.br): 1 Time(s) unknown (181.27.216.25): 1 Time(s) unknown (211.159.156.188): 1 Time(s) unknown (98.ip-151-80-155.eu): 1 Time(s) unknown (link3.rts.ua): 1 Time(s) unknown (ns3016508.ip-51-254-47.eu): 1 Time(s) Invalid Users: Unknown Account: 60 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 1 Miscellaneous warnings 6.156K Bytes accepted 6,304 6.156K Bytes sent via SMTP 6,304 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 2 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 2 Total 4xx Rejects 100.00% ======== ================================================== 161 Connections 161 Disconnections 1 Removed from queue 1 Sent via SMTP 1 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 1 Time(s) root : 4 Time(s) Failed logins from: 42.56.32.252: 6 times 78.188.13.253 (78.188.13.253.static.ttnet.com.tr): 6 times 103.98.189.80: 6 times 113.161.88.235 (static.vnpt.vn): 1 time 117.168.228.225 (localhost): 6 times 217.61.58.21 (host21-58-61-217.serverdedicati.aruba.it): 1 time Illegal users from: undef: 38 times 14.184.64.105 (static.vnpt.vn): 1 time 35.185.68.193 (193.68.185.35.bc.googleusercontent.com): 3 times 41.159.18.20: 3 times 51.254.47.198 (ns3016508.ip-51-254-47.eu): 1 time 52.246.254.177: 3 times 77.20.238.134 (ip4d14ee86.dynamic.kabel-deutschland.de): 2 times 83.204.162.227 (aputeaux-652-1-35-227.w83-204.abo.wanadoo.fr): 2 times 88.214.26.49: 2 times 89.28.205.18 (link3.rts.ua): 1 time 104.198.154.16 (16.154.198.104.bc.googleusercontent.com): 5 times 106.2.1.241: 3 times 106.12.6.74: 1 time 106.12.14.136: 3 times 118.72.168.148 (148.168.72.118.adsl-pool.sx.cn): 6 times 139.199.207.31: 3 times 140.143.134.86: 5 times 151.80.155.98 (98.ip-151-80-155.eu): 1 time 168.205.38.206 (168-205-38-206.wantel.net.br): 1 time 178.128.221.237: 5 times 181.27.216.25 (181-27-216-25.speedy.com.ar): 5 times 211.159.156.188: 1 time 218.60.148.61: 3 times **Unmatched Entries** Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################