[TOPF] Logwatch for h2361197.stratoserver.net (Linux)

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Sat Dec 14 04:42:03 2019 Date Range Processed: yesterday ( 2019-Dec-13 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [192:190] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Requests with error response codes 400 Bad Request mstshash=Administr: 3 Time(s) /: 1 Time(s) 404 Not Found /robots.txt: 47 Time(s) /berlin/apple-touch-icon.png: 6 Time(s) /protokolle/Protokoll_MV_12.11.2016.pdf: 2 Time(s) /wp-login.php: 2 Time(s) /.bitcoin/backup.dat: 1 Time(s) /.bitcoin/bitcoin.dat: 1 Time(s) /.bitcoin/wallet.dat: 1 Time(s) /backup.dat: 1 Time(s) /backup/backup.dat: 1 Time(s) /backup/bitcoin.dat: 1 Time(s) /backup/wallet.dat: 1 Time(s) /bitcoin.dat: 1 Time(s) /reader/2016_sose_konstanz_lang.pdf: 1 Time(s) /reader/SoSe14_AK_Zivilklausel.pdf: 1 Time(s) /reader/WiSe12_AK_Schule-Studium.pdf: 1 Time(s) /reader/commit/da0fd0463ced8baff84cce5549ee7c76a5e7ca05: 1 Time(s) /reader/commit/f296a13ca2c01c535b80f726f1d0e62f3620d14e: 1 Time(s) /resolutionen/sose14/reso_sose14_zusammenarbeitzapf-che.pdf: 1 Time(s) /resolutionen/sose17/gesellschaftlich_vera ... wantwortung.pdf: 1 Time(s) /wallet.dat: 1 Time(s) /zapf/berichte/ausgestaltung-studiengaenge ... _zapf-sose-2010: 1 Time(s) /zapf/geschaeftsordnung: 1 Time(s) /zapf/reader/%7CTagungsreader: 1 Time(s) /zapf/resolutionen/%7D%7Bwww.zapfev.de/zapf/resolutionen%7D: 1 Time(s) 500 Internal Server Error /: 149 Time(s) /admin/: 15 Time(s) /pub/errors/503.php: 15 Time(s) /magento/: 3 Time(s) /magento/admin/: 3 Time(s) /magento/pub/errors/503.php: 3 Time(s) /magento2/: 3 Time(s) /magento2/admin/: 3 Time(s) /magento2/pub/errors/503.php: 3 Time(s) /shop/: 3 Time(s) /shop/admin/: 3 Time(s) /shop/pub/errors/503.php: 3 Time(s) /store/: 3 Time(s) /store/admin/: 3 Time(s) /store/pub/errors/503.php: 3 Time(s) /.well-known/security.txt: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (222.186.173.238): 42 Time(s) root (222.186.175.154): 42 Time(s) root (49.88.112.59): 42 Time(s) root (222.186.180.6): 41 Time(s) root (222.186.42.4): 40 Time(s) root (222.186.173.183): 36 Time(s) root (222.186.175.155): 36 Time(s) root (222.186.175.216): 36 Time(s) root (218.92.0.178): 30 Time(s) root (222.186.175.148): 30 Time(s) root (222.186.175.151): 30 Time(s) root (222.186.175.183): 30 Time(s) root (222.186.190.92): 30 Time(s) root (222.186.175.182): 29 Time(s) root (222.186.175.202): 29 Time(s) root (222.186.175.161): 27 Time(s) root (222.186.175.150): 26 Time(s) root (222.186.180.9): 25 Time(s) root (222.186.173.142): 24 Time(s) root (222.186.173.226): 24 Time(s) root (222.186.175.167): 24 Time(s) root (222.186.175.169): 24 Time(s) root (222.186.180.17): 24 Time(s) root (218.92.0.175): 23 Time(s) root (218.92.0.172): 22 Time(s) root (222.186.180.147): 22 Time(s) root (112.85.42.175): 18 Time(s) root (218.92.0.148): 18 Time(s) root (218.92.0.164): 18 Time(s) root (222.186.169.192): 18 Time(s) root (222.186.173.154): 18 Time(s) root (222.186.175.140): 18 Time(s) root (222.186.175.147): 18 Time(s) root (222.186.175.181): 18 Time(s) root (222.186.175.217): 18 Time(s) root (222.186.180.8): 18 Time(s) root (49.88.112.55): 18 Time(s) root (218.92.0.145): 17 Time(s) root (218.92.0.155): 17 Time(s) root (222.186.175.163): 17 Time(s) root (222.186.175.220): 17 Time(s) root (112.85.42.172): 15 Time(s) root (222.186.180.41): 14 Time(s) root (218.92.0.158): 12 Time(s) root (222.186.169.194): 12 Time(s) root (222.186.180.223): 12 Time(s) root (49.88.112.61): 12 Time(s) root (49.88.112.64): 12 Time(s) root (218.92.0.170): 11 Time(s) root (222.186.173.180): 11 Time(s) root (222.186.190.2): 11 Time(s) root (49.88.112.62): 11 Time(s) root (61.177.172.128): 11 Time(s) root (218.92.0.134): 6 Time(s) root (218.92.0.141): 6 Time(s) root (218.92.0.165): 6 Time(s) root (218.92.0.179): 6 Time(s) root (218.92.0.212): 6 Time(s) root (222.186.175.212): 6 Time(s) root (112.85.42.171): 5 Time(s) root (112.85.42.173): 5 Time(s) root (112.85.42.174): 5 Time(s) root (112.85.42.178): 5 Time(s) root (218.92.0.131): 5 Time(s) unknown (d51a5d0dd.access.telenet.be): 2 Time(s) postgres (123.214.185.80.rev.sfr.net): 1 Time(s) root (183.230.93.137): 1 Time(s) root (190.233.206.253): 1 Time(s) root (89.211.96.197): 1 Time(s) root (90.220.55.200): 1 Time(s) root (91.212.150.145): 1 Time(s) unknown (103.5.127.97): 1 Time(s) unknown (110.137.162.153): 1 Time(s) unknown (113.59.213.30): 1 Time(s) unknown (115.84.91.202): 1 Time(s) unknown (118.25.156.20): 1 Time(s) unknown (122.49.35.37): 1 Time(s) unknown (14.186.133.16): 1 Time(s) unknown (157.34.100.4): 1 Time(s) unknown (159.203.77.51): 1 Time(s) unknown (174.138.56.93): 1 Time(s) unknown (180.100.212.73): 1 Time(s) unknown (190.246.45.81): 1 Time(s) unknown (203.163.231.41): 1 Time(s) unknown (218.58.124.42): 1 Time(s) unknown (219.141.176.186): 1 Time(s) unknown (37.130.107.67): 1 Time(s) unknown (49.235.111.49): 1 Time(s) unknown (91.212.150.146): 1 Time(s) unknown (91.212.150.147): 1 Time(s) unknown (92.63.194.26): 1 Time(s) unknown (94.191.18.67): 1 Time(s) unknown (host81-136-255-20.in-addr.btopenworld.com): 1 Time(s) unknown (svr3.geekcloud.net): 1 Time(s) Invalid Users: Unknown Account: 25 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 1 Miscellaneous warnings 13.335K Bytes accepted 13,655 13.335K Bytes sent via SMTP 13,655 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 1 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 1 Total 4xx Rejects 100.00% ======== ================================================== 256 Connections 5 Connections lost (inbound) 256 Disconnections 1 Removed from queue 1 Sent via SMTP 1 SMTP dialog errors 1 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 208 Time(s) Failed logins from: 49.88.112.55: 18 times 49.88.112.59: 42 times 49.88.112.61: 12 times 49.88.112.62: 11 times 49.88.112.64: 12 times 61.177.172.128: 11 times 80.185.214.123 (123.214.185.80.rev.sfr.net): 1 time 89.211.96.197: 1 time 90.220.55.200 (5adc37c8.bb.sky.com): 1 time 91.212.150.145 (vgh.webleads.chat): 1 time 112.85.42.171: 5 times 112.85.42.172: 15 times 112.85.42.173: 5 times 112.85.42.174: 5 times 112.85.42.175: 18 times 112.85.42.178: 5 times 183.230.93.137: 1 time 190.233.206.253: 1 time 218.92.0.131: 5 times 218.92.0.134: 6 times 218.92.0.141: 6 times 218.92.0.145: 17 times 218.92.0.148: 18 times 218.92.0.155: 17 times 218.92.0.158: 12 times 218.92.0.164: 18 times 218.92.0.165: 6 times 218.92.0.170: 11 times 218.92.0.172: 22 times 218.92.0.175: 23 times 218.92.0.178: 30 times 218.92.0.179: 6 times 218.92.0.212: 6 times 222.186.42.4: 42 times 222.186.169.192: 18 times 222.186.169.194: 12 times 222.186.173.142: 24 times 222.186.173.154: 18 times 222.186.173.180: 11 times 222.186.173.183: 36 times 222.186.173.226: 24 times 222.186.173.238: 42 times 222.186.175.140: 18 times 222.186.175.147: 18 times 222.186.175.148: 30 times 222.186.175.150: 30 times 222.186.175.151: 30 times 222.186.175.154: 42 times 222.186.175.155: 36 times 222.186.175.161: 29 times 222.186.175.163: 17 times 222.186.175.167: 24 times 222.186.175.169: 24 times 222.186.175.181: 18 times 222.186.175.182: 29 times 222.186.175.183: 30 times 222.186.175.202: 29 times 222.186.175.212: 6 times 222.186.175.216: 36 times 222.186.175.217: 18 times 222.186.175.220: 17 times 222.186.180.6: 41 times 222.186.180.8: 18 times 222.186.180.9: 26 times 222.186.180.17: 24 times 222.186.180.41: 18 times 222.186.180.147: 24 times 222.186.180.223: 12 times 222.186.190.2: 11 times 222.186.190.92: 30 times Illegal users from: undef: 16 times 14.186.133.16 (static.vnpt.vn): 1 time 37.130.107.67: 1 time 49.235.111.49: 1 time 81.136.255.20 (host81-136-255-20.in-addr.btopenworld.com): 1 time 81.165.208.221 (d51A5D0DD.access.telenet.be): 2 times 91.212.150.146 (fghmz.webleads.chat): 1 time 91.212.150.147 (red.webinsight360.com): 1 time 92.63.194.26: 1 time 94.191.18.67: 1 time 103.5.127.97: 1 time 110.137.162.153 (153.subnet110-137-162.speedy.telkom.net.id): 1 time 113.59.213.30 (113-59-213-30.cgnat.lankabell.com): 1 time 115.84.91.202: 1 time 118.25.156.20: 1 time 122.49.35.37: 1 time 139.162.122.110 (scan-8.security.ipip.net): 1 time 157.34.100.4: 1 time 158.69.220.178 (svr3.geekcloud.net): 1 time 159.203.77.51: 1 time 174.138.56.93: 1 time 180.100.212.73: 1 time 190.246.45.81 (81-45-246-190.fibertel.com.ar): 1 time 203.163.231.41: 1 time 218.58.124.42: 1 time 219.141.176.186: 1 time **Unmatched Entries** fatal: no matching cipher found: client aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 5 time(s) error: Received disconnect from 141.98.10.39: 2: Handshake failed [preauth] : 2 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################