04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Thu Sep 26 04:42:10 2019
Date Range Processed: yesterday
( 2019-Sep-25 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [345:350]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 1 sites probed the server
66.240.205.34
Requests with error response codes
400 Bad Request
mstshash=Administr: 6 Time(s)
/: 3 Time(s)
../../mnt/custom/ProductDefinition: 1 Time(s)
/robots.txt: 1 Time(s)
/setup.cgi?next_file=netgear.cfg&todo=sysc ... ntsetting.htm=1: 1 Time(s)
/shell?busybox: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
null: 1 Time(s)
404 Not Found
/robots.txt: 66 Time(s)
/berlin/apple-touch-icon.png: 10 Time(s)
/backup/wp-login.php: 1 Time(s)
/reader/1995-wi-reader_bn95.pdf: 1 Time(s)
/reader/2016_sose_konstanz_lang.pdf: 1 Time(s)
/sites/default/files/2011_05_Stellungnahme_EQR-DQR_0.pdf: 1 Time(s)
/wp-login.php: 1 Time(s)
499 (undefined)
/build/emojify.js/dist/css/basic/emojify.min.css: 1 Time(s)
/fonts/SourceSansPro-Regular.woff: 1 Time(s)
500 Internal Server Error
/: 62 Time(s)
/robots.txt: 2 Time(s)
502 Bad Gateway
/berlin/newsletter/newsletter-subscribe: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
unknown (106.53.69.173): 95 Time(s)
unknown (36.110.50.217): 90 Time(s)
unknown (189.59.119.14.dynamic.adsl.gvt.net.br): 83 Time(s)
unknown (202.162.208.202): 82 Time(s)
unknown (139.ip-213-32-21.eu): 73 Time(s)
unknown (172.81.212.111): 64 Time(s)
unknown (ec2-34-243-20-209.eu-west-1.compute.amazonaws.com): 63 Time(s)
unknown (129.146.149.185): 62 Time(s)
unknown (177.ip-51-75-142.eu): 62 Time(s)
unknown (181.142.251.23.bc.googleusercontent.com): 62 Time(s)
unknown (242.133.224.35.bc.googleusercontent.com): 62 Time(s)
unknown (46.164.155.9): 62 Time(s)
unknown (emr.teravibe.com): 62 Time(s)
unknown (net-31-27-38-242.cust.vodafonedsl.it): 62 Time(s)
unknown (118.25.11.204): 61 Time(s)
unknown (178.128.39.92): 61 Time(s)
unknown (183.ip-51-77-220.eu): 61 Time(s)
unknown (123.31.47.20): 60 Time(s)
unknown (45.80.65.76): 60 Time(s)
unknown (ns557495.ip-54-39-29.net): 52 Time(s)
unknown (123.234.219.226): 50 Time(s)
unknown (185.74.4.189): 49 Time(s)
unknown (140.143.58.46): 45 Time(s)
unknown (113.110.193.155): 43 Time(s)
unknown (146.185.175.132): 40 Time(s)
unknown (106.13.142.212): 37 Time(s)
unknown (ns1.starbroadband.co.in): 37 Time(s)
unknown (106.75.244.62): 35 Time(s)
unknown (ns3004314.ip-151-80-45.eu): 30 Time(s)
unknown (61.133.232.249): 26 Time(s)
unknown (206.81.8.14): 20 Time(s)
unknown (159.65.4.64): 18 Time(s)
unknown (61.133.232.251): 18 Time(s)
unknown (61.133.232.253): 15 Time(s)
unknown (165.227.210.71): 11 Time(s)
unknown (61.133.232.250): 11 Time(s)
unknown (ip5f5a8e37.dynamic.kabel-deutschland.de): 11 Time(s)
unknown (61.133.232.248): 10 Time(s)
unknown (61.76.173.244): 9 Time(s)
root (36.110.50.217): 8 Time(s)
unknown (123.138.18.35): 8 Time(s)
unknown (94.177.163.133): 8 Time(s)
unknown (111.207.105.199): 7 Time(s)
unknown (61.133.232.252): 7 Time(s)
root (112.85.42.178): 6 Time(s)
root (218.92.0.175): 6 Time(s)
root (218.92.0.193): 6 Time(s)
root (222.188.21.36): 6 Time(s)
root (49.69.216.59): 6 Time(s)
unknown (103.45.99.214): 6 Time(s)
unknown (192.144.253.79): 6 Time(s)
unknown (71.165.90.119): 6 Time(s)
unknown (ip-88-153-224-214.hsi04.unitymediagroup.de): 6 Time(s)
unknown (sh5.megahost.kz): 6 Time(s)
root (118.25.11.204): 5 Time(s)
root (177.ip-51-75-142.eu): 5 Time(s)
root (189.59.119.14.dynamic.adsl.gvt.net.br): 5 Time(s)
root (45.80.65.76): 5 Time(s)
root (ec2-34-243-20-209.eu-west-1.compute.amazonaws.com): 5 Time(s)
unknown (vmi114447.contaboserver.net): 5 Time(s)
root (123.234.219.226): 4 Time(s)
root (172.81.212.111): 4 Time(s)
root (emr.teravibe.com): 4 Time(s)
unknown (103.94.5.42): 4 Time(s)
unknown (61.133.232.254): 4 Time(s)
root (139.ip-213-32-21.eu): 3 Time(s)
root (178.128.39.92): 3 Time(s)
root (181.142.251.23.bc.googleusercontent.com): 3 Time(s)
root (46.164.155.9): 3 Time(s)
root (ns1.starbroadband.co.in): 3 Time(s)
root (ns557495.ip-54-39-29.net): 3 Time(s)
postgres (ec2-34-243-20-209.eu-west-1.compute.amazonaws.com): 2 Time(s)
root (106.13.142.212): 2 Time(s)
root (123.31.47.20): 2 Time(s)
root (146.185.175.132): 2 Time(s)
root (185.74.4.189): 2 Time(s)
root (242.133.224.35.bc.googleusercontent.com): 2 Time(s)
root (ns3004314.ip-151-80-45.eu): 2 Time(s)
temp (181.142.251.23.bc.googleusercontent.com): 2 Time(s)
temp (emr.teravibe.com): 2 Time(s)
unknown (106.12.34.56): 2 Time(s)
unknown (121.142.111.106): 2 Time(s)
unknown (165.227.87.32): 2 Time(s)
unknown (193.32.163.182): 2 Time(s)
backup (ns3004314.ip-151-80-45.eu): 1 Time(s)
backup (sul45-1-78-233-37-98.fbx.proxad.net): 1 Time(s)
bind (ns557495.ip-54-39-29.net): 1 Time(s)
daemon (106.53.69.173): 1 Time(s)
daemon (vmi114447.contaboserver.net): 1 Time(s)
games (178.128.39.92): 1 Time(s)
games (ns3004314.ip-151-80-45.eu): 1 Time(s)
gnats (129.146.149.185): 1 Time(s)
lp (61.133.232.248): 1 Time(s)
mail (106.13.142.212): 1 Time(s)
mail (192.144.253.79): 1 Time(s)
mysql (177.ip-51-75-142.eu): 1 Time(s)
news (146.185.175.132): 1 Time(s)
nobody (106.53.69.173): 1 Time(s)
nobody (178.128.39.92): 1 Time(s)
postfix (45.80.65.76): 1 Time(s)
postgres (111.207.105.199): 1 Time(s)
postgres (118.25.11.204): 1 Time(s)
postgres (140.143.58.46): 1 Time(s)
postgres (175.6.77.235): 1 Time(s)
postgres (202.162.208.202): 1 Time(s)
postgres (46.164.155.9): 1 Time(s)
postgres (61.133.232.251): 1 Time(s)
postgres (emr.teravibe.com): 1 Time(s)
postgres (ns1.starbroadband.co.in): 1 Time(s)
proxy (123.234.219.226): 1 Time(s)
proxy (net-31-27-38-242.cust.vodafonedsl.it): 1 Time(s)
root (103.45.99.214): 1 Time(s)
root (106.53.69.173): 1 Time(s)
root (113.110.193.155): 1 Time(s)
root (129.146.149.185): 1 Time(s)
root (140.143.58.46): 1 Time(s)
root (159.65.4.64): 1 Time(s)
root (175.6.77.235): 1 Time(s)
root (183.ip-51-77-220.eu): 1 Time(s)
root (206.81.8.14): 1 Time(s)
root (41.203.76.251): 1 Time(s)
root (61.133.232.249): 1 Time(s)
root (71.165.90.119): 1 Time(s)
root (77.91.207.141): 1 Time(s)
root (82.209.232.150): 1 Time(s)
root (86.57.192.246): 1 Time(s)
root (94.177.163.133): 1 Time(s)
root (i19-les01-t2-31-37-205-112.sfr.lns.abo.bbox.fr): 1 Time(s)
root (ip5f5a8e37.dynamic.kabel-deutschland.de): 1 Time(s)
root (net-31-27-38-242.cust.vodafonedsl.it): 1 Time(s)
root (static62-133-141-142.ostnet.pl): 1 Time(s)
sshd (123.31.47.20): 1 Time(s)
sshd (139.ip-213-32-21.eu): 1 Time(s)
sshd (172.81.212.111): 1 Time(s)
sys (140.143.58.46): 1 Time(s)
temp (123.234.219.226): 1 Time(s)
temp (189.59.119.14.dynamic.adsl.gvt.net.br): 1 Time(s)
temp (45.80.65.76): 1 Time(s)
temp (61.133.232.249): 1 Time(s)
temp (ec2-34-243-20-209.eu-west-1.compute.amazonaws.com): 1 Time(s)
temp (ns3004314.ip-151-80-45.eu): 1 Time(s)
unknown (112.30.185.8): 1 Time(s)
unknown (114.143.139.38): 1 Time(s)
unknown (121.130.93.250): 1 Time(s)
unknown (157.230.129.73): 1 Time(s)
unknown (173.ip-54-37-226.eu): 1 Time(s)
unknown (175.211.116.226): 1 Time(s)
unknown (175.6.77.235): 1 Time(s)
unknown (190.146.40.67): 1 Time(s)
unknown (195.81.85.58): 1 Time(s)
unknown (213-47-38-104.cable.dynamic.surfer.at): 1 Time(s)
unknown (249.ip-46-105-31.eu): 1 Time(s)
unknown (41.38.212.109): 1 Time(s)
unknown (92.63.194.26): 1 Time(s)
unknown (97.ip-51-77-145.eu): 1 Time(s)
unknown (ns341006.ip-176-31-250.eu): 1 Time(s)
uucp (106.75.244.62): 1 Time(s)
uucp (45.80.65.76): 1 Time(s)
Invalid Users:
Unknown Account: 1950 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
4 Miscellaneous warnings
18.777K Bytes accepted 19,228
18.777K Bytes sent via SMTP 19,228
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
3 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
3 Total 4xx Rejects 100.00%
======== ==================================================
56 Connections
9 Connections lost (inbound)
56 Disconnections
1 Removed from queue
1 Sent via SMTP
4 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 2 Time(s)
root : 5 Time(s)
Failed logins from:
5.189.159.33 (vmi114447.contaboserver.net): 1 time
23.251.142.181 (181.142.251.23.bc.googleusercontent.com): 5 times
31.27.38.242 (net-31-27-38-242.cust.vodafonedsl.it): 2 times
31.37.205.112 (i19-les01-t2-31-37-205-112.sfr.lns.abo.bbox.fr): 1 time
34.243.20.209 (ec2-34-243-20-209.eu-west-1.compute.amazonaws.com): 8 times
35.224.133.242 (242.133.224.35.bc.googleusercontent.com): 2 times
36.110.50.217 (217.50.110.36.static.bjtelecom.net): 8 times
41.203.76.251: 1 time
45.80.65.76: 8 times
45.115.99.38 (ns1.starbroadband.co.in): 4 times
46.164.155.9 (46-164-155-9.datagroup.ua): 4 times
49.69.216.59: 6 times
51.75.142.177 (177.ip-51-75-142.eu): 6 times
51.77.220.183 (183.ip-51-77-220.eu): 1 time
54.39.29.105 (ns557495.ip-54-39-29.net): 4 times
61.133.232.248: 1 time
61.133.232.249: 2 times
61.133.232.251: 1 time
62.133.141.142 (static62-133-141-142.ostnet.pl): 1 time
71.165.90.119 (static-71-165-90-119.lsanca.fios.frontiernet.net): 1 time
77.91.207.141 (not-assigned): 1 time
78.233.37.98 (sul45-1-78-233-37-98.fbx.proxad.net): 1 time
82.209.232.150 (mm-150-232-209-82.static.mgts.by): 1 time
86.57.192.246 (246-192-57-86-static.mgts.by): 1 time
94.177.163.133 (host133-163-177-94.serverdedicati.aruba.it): 1 time
95.90.142.55 (ip5f5a8e37.dynamic.kabel-deutschland.de): 1 time
103.45.99.214: 1 time
106.13.142.212: 3 times
106.53.69.173: 3 times
106.75.244.62: 1 time
111.207.105.199: 1 time
112.85.42.178: 6 times
113.110.193.155: 1 time
118.25.11.204: 6 times
123.31.47.20 (static.vnpt.vn): 3 times
123.234.219.226: 6 times
129.146.149.185: 2 times
140.143.58.46: 3 times
146.185.175.132: 3 times
151.80.45.126 (ns3004314.ip-151-80-45.eu): 5 times
159.65.4.64: 1 time
172.81.212.111: 5 times
175.6.77.235: 2 times
178.128.21.38 (emr.teravibe.com): 7 times
178.128.39.92 (188227.cloudwaysapps.com): 5 times
185.74.4.189: 2 times
189.59.119.14 (189.59.119.14.dynamic.adsl.gvt.net.br): 6 times
192.144.253.79: 1 time
202.162.208.202 (202.208.iconpln.net.id): 1 time
206.81.8.14: 1 time
213.32.21.139 (139.ip-213-32-21.eu): 4 times
218.92.0.175: 6 times
218.92.0.193: 6 times
222.188.21.36: 6 times
Illegal users from:
undef: 1424 times
5.189.159.33 (vmi114447.contaboserver.net): 5 times
23.251.142.181 (181.142.251.23.bc.googleusercontent.com): 62 times
31.27.38.242 (net-31-27-38-242.cust.vodafonedsl.it): 62 times
34.243.20.209 (ec2-34-243-20-209.eu-west-1.compute.amazonaws.com): 63 times
35.224.133.242 (242.133.224.35.bc.googleusercontent.com): 62 times
36.110.50.217 (217.50.110.36.static.bjtelecom.net): 90 times
41.38.212.109 (host-41.38.212.109.tedata.net): 1 time
45.80.65.76: 60 times
45.115.99.38 (ns1.starbroadband.co.in): 37 times
46.105.31.249 (249.ip-46-105-31.eu): 1 time
46.164.155.9 (46-164-155-9.datagroup.ua): 62 times
51.75.142.177 (177.ip-51-75-142.eu): 62 times
51.77.145.97 (97.ip-51-77-145.eu): 1 time
51.77.220.183 (183.ip-51-77-220.eu): 61 times
54.37.226.173 (173.ip-54-37-226.eu): 1 time
54.39.29.105 (ns557495.ip-54-39-29.net): 52 times
61.76.173.244: 9 times
61.133.232.248: 10 times
61.133.232.249: 26 times
61.133.232.250: 11 times
61.133.232.251: 18 times
61.133.232.252: 7 times
61.133.232.253: 15 times
61.133.232.254: 4 times
71.165.90.119 (static-71-165-90-119.lsanca.fios.frontiernet.net): 6 times
88.153.224.214 (ip-88-153-224-214.hsi04.unitymediagroup.de): 6 times
92.63.194.26: 1 time
93.185.67.178 (sh5.megahost.kz): 6 times
94.177.163.133 (host133-163-177-94.serverdedicati.aruba.it): 8 times
95.90.142.55 (ip5f5a8e37.dynamic.kabel-deutschland.de): 11 times
103.45.99.214: 6 times
103.94.5.42: 4 times
106.12.34.56: 2 times
106.13.142.212: 37 times
106.53.69.173: 95 times
106.75.244.62: 35 times
111.207.105.199: 7 times
112.30.185.8: 1 time
113.110.193.155: 43 times
114.143.139.38 (static-38.139.143.114-tataidc.co.in): 1 time
118.25.11.204: 61 times
121.130.93.250: 1 time
121.142.111.106: 2 times
123.31.47.20 (static.vnpt.vn): 60 times
123.138.18.35: 8 times
123.234.219.226: 50 times
129.146.149.185: 62 times
140.143.58.46: 45 times
146.185.175.132: 40 times
151.80.45.126 (ns3004314.ip-151-80-45.eu): 30 times
157.230.129.73 (257095.cloudwaysapps.com): 1 time
159.65.4.64: 18 times
165.227.87.32: 3 times
165.227.210.71: 11 times
172.81.212.111: 64 times
175.6.77.235: 1 time
175.211.116.226: 1 time
176.31.250.160 (ns341006.ip-176-31-250.eu): 1 time
178.128.21.38 (emr.teravibe.com): 62 times
178.128.39.92 (188227.cloudwaysapps.com): 61 times
185.74.4.189: 49 times
189.59.119.14 (189.59.119.14.dynamic.adsl.gvt.net.br): 83 times
190.146.40.67 (static-ip-1901464067.cable.net.co): 1 time
192.144.253.79: 6 times
193.32.163.182 (hosting-by.cloud-home.me): 2 times
195.81.85.58: 1 time
202.162.208.202 (202.208.iconpln.net.id): 82 times
206.81.8.14: 20 times
213.32.21.139 (139.ip-213-32-21.eu): 73 times
213.47.38.104 (213-47-38-104.cable.dynamic.surfer.at): 1 time
**Unmatched Entries**
fatal: no matching cipher found: client
aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none
server
aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
[preauth] : 5 time(s)
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) ->
(user,ssh-connection) [preauth] : 2 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 242G 159G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2216
days inactive
2216
days old
0 comments
1 participants
participants (1)
-
root@zapf.in