################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sun Dec 22 04:42:04 2019
Date Range Processed: yesterday
( 2019-Dec-21 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [165:165]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
171.12.10.191 -> zapf.wiki:443: 1 Time(s)
60.191.52.254 -> zapf.wiki:443: 1 Time(s)
A total of 2 sites probed the server
158.69.158.101
61.219.11.153
Requests with error response codes
400 Bad Request
/: 13 Time(s)
mstshash=Administr: 6 Time(s)
null: 3 Time(s)
zapf.wiki:443: 2 Time(s)
/.git/HEAD: 1 Time(s)
/favicon.ico: 1 Time(s)
/robots.txt: 1 Time(s)
404 Not Found
/robots.txt: 25 Time(s)
/verei: 12 Time(s)
/verein/kontak: 12 Time(s)
/berlin/apple-touch-icon.png: 10 Time(s)
/zapf/fachschafte: 8 Time(s)
/zapf/reade: 8 Time(s)
/zapf/resolutione: 8 Time(s)
/zapf/studienfuehre: 8 Time(s)
/home/zapf: 1 Time(s)
/resolutionen/wise17/Akkreditierung_PosPap/Pospap_: 1 Time(s)
/sites/all/libraries/elfinder/connectors/php/connector.php: 1 Time(s)
/sites/all/libraries/elfinder/elfinder.html: 1 Time(s)
/sites/all/libraries/elfinder/src/connecto ... p/connector.php: 1 Time(s)
/sites/all/libraries/plupload/examples/upload.php: 1 Time(s)
/wp-login.php: 1 Time(s)
500 Internal Server Error
/: 100 Time(s)
/robots.txt: 2 Time(s)
//login_sid.lua: 1 Time(s)
/ajax: 1 Time(s)
/favicon.ico: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 46 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
19 Miscellaneous warnings
15.999K Bytes accepted 16,383
15.999K Bytes sent via SMTP 16,383
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
80 Connections
28 Connections lost (inbound)
80 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 175 Time(s)
Failed logins from:
Illegal users from:
undef: 26 times
**Unmatched Entries**
Protocol major versions differ for 81.169.130.158: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-NmapNSE_1.0 : 1 time(s)
fatal: Unable to negotiate a key exchange method [preauth] : 1 time(s)
error: Received disconnect from 141.98.10.39: 2: Handshake failed [preauth] : 2 time(s)
Protocol major versions differ for 81.169.130.158: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-Nmap-SSH1-Hostkey : 1 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 8 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################