[TOPF] Logwatch for h2361197.stratoserver.net (Linux)

################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Fri Feb 8 04:42:03 2019 Date Range Processed: yesterday ( 2019-Feb-07 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 7:7 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 3 sites probed the server 54.36.65.80 68.183.69.227 80.82.64.127 Requests with error response codes 400 Bad Request null: 3 Time(s) mstshash=Administr: 2 Time(s) /: 1 Time(s) //: 1 Time(s) 404 Not Found /robots.txt: 31 Time(s) /berlin/apple-touch-icon.png: 12 Time(s) /wp-login.php: 7 Time(s) /%23: 1 Time(s) /.git/config: 1 Time(s) //wp-login.php: 1 Time(s) //xmlrpc.php: 1 Time(s) /ads.txt: 1 Time(s) /sites/default/files/2007_SoSe_Berlin.pdf: 1 Time(s) 500 Internal Server Error /: 5 Time(s) //libs/js/iframe.js: 2 Time(s) /cgi-bin/config.exp: 2 Time(s) //: 1 Time(s) 502 Bad Gateway /: 23 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (119.178.73.164): 6 Time(s) root (201.179.212.95): 6 Time(s) root (45.7.173.121): 6 Time(s) root (87.9.62.238): 6 Time(s) root (96.67.112.219): 6 Time(s) root (ipbcc16b4a.dynamic.kabel-deutschland.de): 6 Time(s) unknown (14.205.201.129): 6 Time(s) unknown (138.68.106.62): 3 Time(s) nobody (93-62-182-104.ip23.fastwebnet.it): 1 Time(s) proxy (122.175.55.196): 1 Time(s) root (118.25.193.234): 1 Time(s) root (138.197.107.255): 1 Time(s) root (hosting3.idknet.com): 1 Time(s) root (www2.hcchurch.org.tw): 1 Time(s) unknown (1.234.79.66): 1 Time(s) unknown (106.12.103.110): 1 Time(s) unknown (106.12.205.171): 1 Time(s) unknown (106.3.44.215): 1 Time(s) unknown (106.51.54.194): 1 Time(s) unknown (109.225.42.135): 1 Time(s) unknown (110.10.129.226): 1 Time(s) unknown (110.79.18.2): 1 Time(s) unknown (122.160.137.37): 1 Time(s) unknown (123.196.123.14): 1 Time(s) unknown (125.212.192.201): 1 Time(s) unknown (132.232.81.218): 1 Time(s) unknown (139.59.15.43): 1 Time(s) unknown (14.164.149.178): 1 Time(s) unknown (165084191236.ctinets.com): 1 Time(s) unknown (177.144.136.133): 1 Time(s) unknown (177.206.128.131): 1 Time(s) unknown (180.142.104.27): 1 Time(s) unknown (189.254.33.157): 1 Time(s) unknown (190.220.31.11): 1 Time(s) unknown (190.55.238.31): 1 Time(s) unknown (193.112.39.37): 1 Time(s) unknown (197.45.13.178): 1 Time(s) unknown (203.190.53.10): 1 Time(s) unknown (211-23-139-122.hinet-ip.hinet.net): 1 Time(s) unknown (27.17.53.238): 1 Time(s) unknown (27.34.245.26): 1 Time(s) unknown (58.210.170.46): 1 Time(s) unknown (61.148.194.162): 1 Time(s) unknown (61.191.55.18): 1 Time(s) unknown (61.8.136.242): 1 Time(s) unknown (68.183.94.65): 1 Time(s) unknown (77-253-203-24.static.ip.netia.com.pl): 1 Time(s) unknown (84.93.153.9): 1 Time(s) unknown (87.236.211.74): 1 Time(s) unknown (88.214.26.49): 1 Time(s) unknown (d1.ajeel.be): 1 Time(s) unknown (ec2-34-216-193-140.us-west-2.compute.amazonaws.com): 1 Time(s) unknown (foodwise.clibisa.cl): 1 Time(s) unknown (host-92-30-90-216.as13285.net): 1 Time(s) unknown (kch-106-33.tm.net.my): 1 Time(s) unknown (mx-ll-171.5.83-192.dynamic.3bb.co.th): 1 Time(s) unknown (oc-129-144-186-99.compute.oraclecloud.com): 1 Time(s) unknown (vm-147.pub1.tdccloud.dk): 1 Time(s) Invalid Users: Unknown Account: 53 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 158 Miscellaneous warnings 10.150K Bytes accepted 10,394 10.150K Bytes sent via SMTP 10,394 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 7 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 7 Total 4xx Rejects 100.00% ======== ================================================== 600 Connections 162 Connections lost (inbound) 600 Disconnections 1 Removed from queue 1 Sent via SMTP 1 SMTP dialog errors ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 1 Time(s) root : 6 Time(s) Failed logins from: 45.7.173.121: 6 times 60.248.187.251 (www2.hcchurch.org.tw): 1 time 87.9.62.238: 6 times 93.62.182.104 (93-62-182-104.ip23.fastwebnet.it): 1 time 96.67.112.219: 6 times 118.25.193.234: 1 time 119.178.73.164: 6 times 122.175.55.196 (abts-ap-static-196.55.175.122.airtelbroadband.in): 1 time 138.197.107.255: 1 time 188.193.107.74 (ipbcc16b4a.dynamic.kabel-deutschland.de): 6 times 201.179.212.95 (201-179-212-95.speedy.com.ar): 6 times 217.19.208.24 (hosting3.idknet.com): 1 time Illegal users from: undef: 32 times 1.234.79.66: 1 time 14.164.149.178 (static.vnpt.vn): 1 time 14.205.201.129: 6 times 14.215.48.215: 1 time 27.17.53.238: 1 time 27.34.245.26 (27.34.245.26.static.belltele.in): 1 time 34.216.193.140 (ec2-34-216-193-140.us-west-2.compute.amazonaws.com): 1 time 58.210.170.46: 1 time 61.8.136.242: 1 time 61.148.194.162: 1 time 61.191.55.18: 1 time 68.183.94.65: 1 time 77.253.203.24 (77-253-203-24.static.ip.netia.com.pl): 1 time 84.93.153.9 (84.93.153.9.plusnet.pte-ag1.dyn.plus.net): 1 time 87.236.211.74: 1 time 88.214.26.49 (hostby.fcloud.biz): 1 time 92.30.90.216 (host-92-30-90-216.as13285.net): 1 time 94.23.212.137 (d1.ajeel.be): 1 time 98.159.216.31 (uptowntireandautoservice.fltg.net): 1 time 106.3.44.215: 1 time 106.12.103.110: 1 time 106.12.205.171: 1 time 106.51.54.194 (broadband.actcorp.in): 1 time 109.225.42.135 (135.net-94.242.42.kaluga.ru): 1 time 110.10.129.226: 1 time 110.79.18.2: 1 time 122.160.137.37 (abts-north-static-037.137.160.122.airtelbroadband.in): 1 time 123.196.123.14: 1 time 125.212.192.201: 1 time 129.144.186.99 (oc-129-144-186-99.compute.oraclecloud.com): 1 time 132.232.81.218: 1 time 138.68.106.62: 3 times 139.59.15.43: 1 time 165.84.191.236 (165084191236.ctinets.com): 1 time 171.5.83.192 (mx-ll-171.5.83-192.dynamic.3bb.co.th): 1 time 177.144.136.133 (mail.spinolamateriais.com.br): 1 time 177.206.128.131 (177.206.128.131.static.gvt.net.br): 1 time 178.23.244.147 (vm-147.pub1.tdccloud.dk): 1 time 180.142.104.27: 1 time 189.254.33.157 (customer-189-254-33-157-sta.uninet-ide.com.mx): 1 time 190.55.238.31 (cpe-190-55-238-31.telecentro-reversos.com.ar): 1 time 190.220.31.11 (host11.190-220-31.telmex.net.ar): 1 time 193.112.39.37: 1 time 197.45.13.178 (host-197.45.13.178.tedata.net): 1 time 200.29.216.141 (reservapabellon.clibisa.cl): 1 time 203.190.53.10: 1 time 211.23.139.122 (211-23-139-122.HINET-IP.hinet.net): 1 time 219.93.106.33 (kch-106-33.tm.net.my): 1 time **Unmatched Entries** fatal: no matching cipher found: client aes128-cbc,blowfish-cbc,3des-cbc server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 1 time(s) Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################