################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Sat Feb 2 04:42:04 2019 Date Range Processed: yesterday ( 2019-Feb-01 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 12:12 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Connection attempts using mod_proxy: 125.84.176.135 -> zapf.wiki:443: 1 Time(s) 59.36.132.222 -> www.baidu.com:443: 1 Time(s) A total of 5 sites probed the server 108.178.16.154 142.93.220.32 178.62.225.50 207.154.220.54 98.143.148.107 Requests with error response codes 400 Bad Request null: 491 Time(s) mstshash=Administr: 5 Time(s) /: 2 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s) www.baidu.com:443: 1 Time(s) zapf.wiki:443: 1 Time(s) 404 Not Found /robots.txt: 23 Time(s) /wp-login.php: 2 Time(s) //blog/: 1 Time(s) /dbuyzcbli.html: 1 Time(s) /resolutionen/sose15/Netzneutralitaet_in_U ... %A4tsnetzen.pdf: 1 Time(s) /resolutionen/sose18/reso_ablaeufe_akkr.pdf: 1 Time(s) /resolutionen/sose18/reso_laender_akkr.pdf: 1 Time(s) 500 Internal Server Error /: 5 Time(s) /robots.txt: 1 Time(s) 502 Bad Gateway /: 24 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (113.122.46.16): 6 Time(s) root (119.62.27.115): 6 Time(s) root (123.10.31.122): 6 Time(s) root (138.75.251.37): 6 Time(s) root (218.92.1.168): 6 Time(s) root (47.198.230.145): 6 Time(s) root (d515353ae.access.telenet.be): 6 Time(s) unknown (d28-23-42-71.dim.wideopenwest.com): 6 Time(s) unknown (fibhost-66-56-218.fibernet.hu): 6 Time(s) root (ip64.ip-54-36-151.eu): 2 Time(s) unknown (88.214.26.49): 2 Time(s) unknown (ip-50-63-165-214.ip.secureserver.net): 2 Time(s) root (42.61.24.202): 1 Time(s) root (ip-50-63-165-214.ip.secureserver.net): 1 Time(s) root (vmi237746.contaboserver.net): 1 Time(s) unknown (1.0.159.212): 1 Time(s) unknown (110.77.246.242): 1 Time(s) unknown (175.3.33.100): 1 Time(s) unknown (180.160.48.173): 1 Time(s) unknown (182.61.41.30): 1 Time(s) unknown (185.244.25.198): 1 Time(s) unknown (ip64.ip-54-36-151.eu): 1 Time(s) Invalid Users: Unknown Account: 31 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 220 Miscellaneous warnings 7.397K Bytes accepted 7,575 7.397K Bytes sent via SMTP 7,575 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 1 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 1 Total 4xx Rejects 100.00% ======== ================================================== 222 Connections 217 Connections lost (inbound) 222 Disconnections 1 Removed from queue 1 Sent via SMTP 1 SMTP dialog errors ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 1 Time(s) root : 7 Time(s) Failed logins from: 42.61.24.202: 1 time 47.198.230.145: 6 times 50.63.165.214 (ip-50-63-165-214.ip.secureserver.net): 1 time 54.36.151.64 (ip64.ip-54-36-151.eu): 2 times 81.83.83.174 (d515353AE.access.telenet.be): 6 times 113.122.46.16: 6 times 119.62.27.115: 6 times 123.10.31.122 (hn.kd.ny.adsl): 6 times 138.75.251.37 (37.251.75.138.unknown.m1.com.sg): 6 times 207.180.250.15 (vmi237746.contaboserver.net): 1 time 218.92.1.168: 6 times Illegal users from: undef: 11 times 1.0.159.212 (node-6ac.pool-1-0.dynamic.totbroadband.com): 1 time 23.28.71.42 (d28-23-42-71.dim.wideopenwest.com): 6 times 50.63.165.214 (ip-50-63-165-214.ip.secureserver.net): 2 times 54.36.151.64 (ip64.ip-54-36-151.eu): 1 time 85.66.56.218 (fibhost-66-56-218.fibernet.hu): 6 times 88.214.26.49: 2 times 110.77.246.242: 1 time 175.3.33.100: 5 times 180.160.48.173: 5 times 182.61.41.30: 1 time 185.244.25.198: 1 time **Unmatched Entries** error: Received disconnect from 180.149.125.172: 7: Service not available [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################