[TOPF] Logwatch for h2361197.stratoserver.net (Linux)

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Sun Jun 2 04:42:08 2019 Date Range Processed: yesterday ( 2019-Jun-01 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [502:499] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 5 sites probed the server 142.93.102.38 164.52.24.184 172.104.242.173 185.10.68.189 61.219.11.153 Requests with error response codes 400 Bad Request null: 8 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 2 Time(s) 403 Forbidden /resolutionen/: 1 Time(s) 404 Not Found /robots.txt: 34 Time(s) /wp-login.php: 4 Time(s) /berlin/helfika/apple-touch-icon.png: 1 Time(s) /download/zapfev_satzung.pdf: 1 Time(s) /index.php?l=page_view&p=advanced_search: 1 Time(s) /neuigkeiten/einladung-mgv-ss2011: 1 Time(s) /node: 1 Time(s) /reader/2016_sose_konstanz_lang.pdf: 1 Time(s) /reader/Deutsche%20Mathematiker-Vereinigun ... Unterrichts.pdf: 1 Time(s) /resolutionen/wise12/Reso_WiSe12_Zivilgesellschaftliches: 1 Time(s) /shop/index.php?l=page_view&p=advanced_search: 1 Time(s) /sites/default/files/2011_SoSe_Dresden.pdf: 1 Time(s) /ss/index.php?l=page_view&p=advanced_search: 1 Time(s) /sunshop/index.php?l=page_view&p=advanced_search: 1 Time(s) /wp-admin/css/colors/blue/theme.php: 1 Time(s) /zapf/resolutionen/%7D%7Bwww.zapfev.de/zapf/resolutionen%7D: 1 Time(s) 500 Internal Server Error /: 24 Time(s) /admin//config.php: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: unknown (103.99.13.26): 58 Time(s) unknown (203.237.211.167): 57 Time(s) unknown (111.231.87.233): 53 Time(s) unknown (134.175.191.248): 53 Time(s) unknown (118.24.112.64): 51 Time(s) unknown (129.211.12.205): 51 Time(s) unknown (2.184.50.9): 51 Time(s) unknown (42-200-198-53.static.imsbiz.com): 51 Time(s) unknown (59.145.221.103): 51 Time(s) unknown (61.42.20.22): 51 Time(s) unknown (118.222.146.186): 50 Time(s) unknown (159.203.141.208): 50 Time(s) unknown (202.28.64.1): 50 Time(s) unknown (209.53.254.34): 50 Time(s) unknown (106.12.36.21): 49 Time(s) unknown (129.211.116.170): 49 Time(s) unknown (161.ip-193-70-36.eu): 49 Time(s) unknown (128.199.96.234): 48 Time(s) unknown (159.89.182.5): 48 Time(s) unknown (ns303460.ip-94-23-208.eu): 46 Time(s) unknown (200.164.82.26): 45 Time(s) unknown (86.104.220.181): 44 Time(s) unknown (ns2.cablebox.co): 44 Time(s) unknown (104.248.237.238): 42 Time(s) unknown (104.236.175.127): 40 Time(s) unknown (49.249.248.34): 37 Time(s) unknown (144-155-255-130.dynamic.t-mont.net.pl): 36 Time(s) unknown (117.131.51.157): 34 Time(s) unknown (139.59.228.147): 31 Time(s) unknown (179.228.196.232): 24 Time(s) unknown (62.ip-145-239-82.eu): 23 Time(s) unknown (106.12.16.140): 22 Time(s) unknown (host-109-88-224-139.dynamic.voo.be): 22 Time(s) unknown (89.106.108.29.unicsbg.net): 21 Time(s) unknown (118.89.40.174): 19 Time(s) unknown (122.192.51.202): 18 Time(s) unknown (216.7.159.250): 16 Time(s) unknown (cpe-24-160-6-156.sw.res.rr.com): 15 Time(s) unknown (pool-108-30-0-18.nycmny.fios.verizon.net): 10 Time(s) unknown (198.199.69.22): 9 Time(s) unknown (206.189.165.94): 8 Time(s) unknown (197.46.125.202): 7 Time(s) root (1.196.123.46): 6 Time(s) root (113.193.239.7): 6 Time(s) root (119.185.77.126): 6 Time(s) unknown (39.red-213-97-245.staticip.rima-tde.net): 6 Time(s) unknown (idb-web1.idbgroup.net): 6 Time(s) unknown (197.45.155.12): 5 Time(s) unknown (148.70.166.52): 4 Time(s) mysql (159.203.141.208): 2 Time(s) temp (118.222.146.186): 2 Time(s) unknown (1.232.77.181): 2 Time(s) unknown (194.179.101.4): 2 Time(s) unknown (197.135.6.41): 2 Time(s) unknown (ip-46-28-248-87.eidsiva.net): 2 Time(s) backup (106.12.16.140): 1 Time(s) backup (128.199.96.234): 1 Time(s) backup (129.211.12.205): 1 Time(s) daemon (202.28.64.1): 1 Time(s) daemon (206.189.165.94): 1 Time(s) games (2.184.50.9): 1 Time(s) games (49.249.248.34): 1 Time(s) gnats (62.ip-145-239-82.eu): 1 Time(s) irc (203.237.211.167): 1 Time(s) list (159.89.182.5): 1 Time(s) list (200.164.82.26): 1 Time(s) list (ns303460.ip-94-23-208.eu): 1 Time(s) mail (49.249.248.34): 1 Time(s) mailman (ns303460.ip-94-23-208.eu): 1 Time(s) man (104.248.237.238): 1 Time(s) man (111.231.87.233): 1 Time(s) man (118.24.112.64): 1 Time(s) man (202.28.64.1): 1 Time(s) mysql (134.175.191.248): 1 Time(s) news (104.248.237.238): 1 Time(s) news (129.211.12.205): 1 Time(s) news (86.104.220.181): 1 Time(s) nobody (104.236.175.127): 1 Time(s) postfix (106.12.16.140): 1 Time(s) postfix (42-200-198-53.static.imsbiz.com): 1 Time(s) postgres (111.231.87.233): 1 Time(s) postgres (159.89.182.5): 1 Time(s) postgres (202.28.64.1): 1 Time(s) postgres (39.red-213-97-245.staticip.rima-tde.net): 1 Time(s) postgres (89.106.108.29.unicsbg.net): 1 Time(s) postgres (ns303460.ip-94-23-208.eu): 1 Time(s) proxy (117.131.51.157): 1 Time(s) proxy (118.24.112.64): 1 Time(s) root (175.116.66.110): 1 Time(s) root (194.179.101.4): 1 Time(s) root (194.179.101.6): 1 Time(s) root (lfbn-bay-1-362-net.w90-54.abo.wanadoo.fr): 1 Time(s) smmsp (209.53.254.34): 1 Time(s) sshd (49.249.248.34): 1 Time(s) sync (104.248.237.238): 1 Time(s) sync (117.131.51.157): 1 Time(s) temp (129.211.116.170): 1 Time(s) temp (216.7.159.250): 1 Time(s) temp (host-109-88-224-139.dynamic.voo.be): 1 Time(s) unknown (101.99.65.72): 1 Time(s) unknown (116.96.243.130): 1 Time(s) unknown (14.33.133.188): 1 Time(s) unknown (189.121.28.17): 1 Time(s) unknown (82.209.209.32): 1 Time(s) unknown (oict-135-80-73-105.inwitelecom.com): 1 Time(s) uucp (209.53.254.34): 1 Time(s) www-data (111.231.87.233): 1 Time(s) www-data (118.222.146.186): 1 Time(s) www-data (118.89.40.174): 1 Time(s) www-data (134.175.191.248): 1 Time(s) Invalid Users: Unknown Account: 1622 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 1 Miscellaneous warnings 13.385K Bytes accepted 13,706 13.385K Bytes sent via SMTP 13,706 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 5 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 5 Total 4xx Rejects 100.00% ======== ================================================== 211 Connections 175 Connections lost (inbound) 211 Disconnections 1 Removed from queue 1 Sent via SMTP 12 Timeouts (inbound) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 1 Time(s) root : 3 Time(s) Failed logins from: 1.196.123.46: 6 times 2.184.50.9: 1 time 42.200.198.53 (42-200-198-53.static.imsbiz.com): 1 time 49.249.248.34 (static-34.248.249.49-tataidc.co.in): 3 times 86.104.220.181 (wbca.odyssetwork.com): 1 time 89.106.108.29 (89.106.108.29.unicsbg.net): 1 time 90.54.79.0 (lfbn-bay-1-362-net.w90-54.abo.wanadoo.fr): 1 time 94.23.208.211 (ns303460.ip-94-23-208.eu): 3 times 104.236.175.127: 1 time 104.248.237.238: 3 times 106.12.16.140: 2 times 109.88.224.139 (host-109-88-224-139.dynamic.voo.be): 1 time 111.231.87.233: 3 times 113.193.239.7: 6 times 117.131.51.157 (.): 2 times 118.24.112.64: 2 times 118.89.40.174: 1 time 118.222.146.186: 3 times 119.185.77.126: 6 times 128.199.96.234: 1 time 129.211.12.205: 2 times 129.211.116.170: 1 time 134.175.191.248: 2 times 145.239.82.62 (62.ip-145-239-82.eu): 1 time 159.89.182.5: 2 times 159.203.141.208 (datacenter.coinmint): 2 times 175.116.66.110: 1 time 194.179.101.4 (4.red-194-179-101.customer.static.ccgg.telefonica.net): 1 time 194.179.101.6 (6.red-194-179-101.customer.static.ccgg.telefonica.net): 1 time 200.164.82.26: 1 time 202.28.64.1: 3 times 203.237.211.167: 1 time 206.189.165.94: 1 time 209.53.254.34 (webmail.bccable.net): 2 times 213.97.245.39 (39.red-213-97-245.staticip.rima-tde.net): 1 time 216.7.159.250 (host-216-7-159-250.mtnsat.com): 1 time Illegal users from: undef: 1166 times 1.232.77.181: 2 times 2.184.50.9: 51 times 14.33.133.188: 5 times 24.160.6.156 (cpe-24-160-6-156.sw.res.rr.com): 15 times 42.200.198.53 (42-200-198-53.static.imsbiz.com): 51 times 49.249.248.34 (static-34.248.249.49-tataidc.co.in): 37 times 59.145.221.103 (www1.jbvnl.co.in): 51 times 61.42.20.22: 51 times 82.209.209.32 (82.209.209.32.ripe.vitebsk.by): 1 time 86.104.220.181 (wbca.odyssetwork.com): 44 times 87.248.28.46 (ip-46-28-248-87.eidsiva.net): 2 times 89.106.108.29 (89.106.108.29.unicsbg.net): 21 times 94.23.208.211 (ns303460.ip-94-23-208.eu): 46 times 101.99.65.72: 1 time 103.99.13.26: 58 times 104.236.175.127: 40 times 104.248.237.238: 42 times 105.73.80.135 (oict-135-80-73-105.inwitelecom.com): 1 time 106.12.16.140: 22 times 106.12.36.21: 49 times 108.30.0.18 (pool-108-30-0-18.nycmny.fios.verizon.net): 10 times 109.88.224.139 (host-109-88-224-139.dynamic.voo.be): 22 times 111.231.87.233: 53 times 116.96.243.130: 1 time 117.131.51.157 (.): 34 times 118.24.112.64: 51 times 118.89.40.174: 19 times 118.222.146.186: 50 times 122.192.51.202: 18 times 128.199.96.234: 48 times 129.211.12.205: 51 times 129.211.116.170: 49 times 130.255.155.144 (144-155-255-130.dynamic.t-mont.net.pl): 36 times 134.175.191.248: 53 times 139.59.228.147: 31 times 144.217.79.233 (ns2.cablebox.co): 44 times 145.239.82.62 (62.ip-145-239-82.eu): 23 times 148.70.166.52: 4 times 159.89.182.5: 48 times 159.203.141.208 (datacenter.coinmint): 50 times 179.228.196.232 (179-228-196-232.user.vivozap.com.br): 24 times 189.121.28.17 (bd791c11.virtua.com.br): 1 time 193.70.36.161 (161.ip-193-70-36.eu): 49 times 194.179.101.4 (4.red-194-179-101.customer.static.ccgg.telefonica.net): 2 times 197.45.155.12 (host-197.45.155.12.tedata.net): 5 times 197.46.125.202 (host-197.46.125.202.tedata.net): 7 times 197.135.6.41: 2 times 198.199.69.22: 9 times 200.164.82.26: 45 times 202.28.64.1: 50 times 203.237.211.167: 57 times 206.189.165.94: 8 times 209.53.254.34 (webmail.bccable.net): 50 times 213.97.245.39 (39.red-213-97-245.staticip.rima-tde.net): 6 times 216.7.159.250 (host-216-7-159-250.mtnsat.com): 16 times 217.14.208.84 (idb-web1.idbgroup.net): 6 times **Unmatched Entries** error: Received disconnect from 180.149.125.167: 7: Service not available [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################