################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Thu Feb 21 04:42:04 2019 Date Range Processed: yesterday ( 2019-Feb-20 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 11:11 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 5 sites probed the server 108.178.16.154 139.162.224.41 176.32.33.80 66.240.205.34 97.74.228.115 Requests with error response codes 400 Bad Request null: 130 Time(s) /: 1 Time(s) /a2billing/customer/templates/default/footer.tpl: 1 Time(s) /moo: 1 Time(s) /recordings/: 1 Time(s) /vtigercrm/vtigerservice.php: 1 Time(s) k\x91\xF9\xB0\xFA\xF8i\xDA\xA1\xF3\xEEu~`\ ... C0$\xC0\x14\xC0: 1 Time(s) 404 Not Found /robots.txt: 24 Time(s) /berlin/apple-touch-icon.png: 14 Time(s) /wp-login.php: 8 Time(s) /admin/images/cal_date_over.gif: 2 Time(s) /admin/login.php: 2 Time(s) /fckeditor/editor/filemanager/connectors/p ... .php?Type=Media: 2 Time(s) /templates/system/css/system.css: 2 Time(s) /sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s) /user/register?destination=comment%2Freply ... %23comment-form: 1 Time(s) 500 Internal Server Error /: 3 Time(s) /CHANGELOG.txt: 1 Time(s) /a2billing/customer/templates/default/footer.tpl: 1 Time(s) /recordings/: 1 Time(s) /services/MyICOffice/: 1 Time(s) /vtigercrm/vtigerservice.php: 1 Time(s) 502 Bad Gateway /: 24 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (1.238.209.149): 6 Time(s) root (118.221.29.152): 6 Time(s) root (212.230.156.171): 6 Time(s) root (216.139.159.69): 6 Time(s) root (222.93.231.180): 6 Time(s) root (58.236.98.240): 6 Time(s) root (d51a48241.access.telenet.be): 6 Time(s) root (ool-44c74fd3.dyn.optonline.net): 6 Time(s) unknown (180.95.160.50): 6 Time(s) unknown (31.173.223.98): 6 Time(s) unknown (45.65.173.185): 6 Time(s) unknown (88.214.26.49): 2 Time(s) unknown (91.231.165.197): 2 Time(s) unknown (ecq62-1-78-196-118-157.fbx.proxad.net): 2 Time(s) unknown (modemcable104.167-22-96.mc.videotron.ca): 2 Time(s) postgres (218.90.205.83): 1 Time(s) root (068-158-053-185.ip-addr.innogy-telnet.de): 1 Time(s) root (rtrstjean.thivent.net): 1 Time(s) unknown (171.237.184.195): 1 Time(s) unknown (175.197.206.221): 1 Time(s) unknown (185.244.25.105): 1 Time(s) unknown (195.209.125.58): 1 Time(s) unknown (89-86-44-132.abo.bbox.fr): 1 Time(s) unknown (adsl-89-217-216-20.adslplus.ch): 1 Time(s) unknown (cable-62-117-12-39.cust.telecolumbus.net): 1 Time(s) Invalid Users: Unknown Account: 33 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 12 Miscellaneous warnings 7.529K Bytes accepted 7,710 7.529K Bytes sent via SMTP 7,710 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 3 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 3 Total 4xx Rejects 100.00% ======== ================================================== 892 Connections 307 Connections lost (inbound) 892 Disconnections 1 Removed from queue 1 Sent via SMTP 15 Timeouts (inbound) 1 SMTP dialog errors ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 3 Time(s) root : 8 Time(s) Failed logins from: 1.238.209.149: 6 times 58.236.98.240: 6 times 68.199.79.211 (ool-44c74fd3.dyn.optonline.net): 6 times 81.164.130.65 (d51A48241.access.telenet.be): 6 times 118.221.29.152: 6 times 178.250.214.137 (rtrstjean.thivent.net): 1 time 185.53.158.68 (068-158-053-185.ip-addr.innogy-telnet.de): 1 time 212.230.156.171: 6 times 216.139.159.69: 6 times 218.90.205.83: 1 time 222.93.231.180: 6 times Illegal users from: undef: 7 times 31.173.223.98: 6 times 45.65.173.185 (45-65-173-185.tecnetms.com.br): 6 times 62.117.12.39 (cable-62-117-12-39.cust.telecolumbus.net): 1 time 78.196.118.157 (ecq62-1-78-196-118-157.fbx.proxad.net): 2 times 88.214.26.49: 2 times 89.86.44.132 (89-86-44-132.abo.bbox.fr): 1 time 89.217.216.20 (adsl-89-217-216-20.adslplus.ch): 1 time 91.231.165.197: 2 times 96.22.167.104 (modemcable104.167-22-96.mc.videotron.ca): 2 times 139.162.122.110 (scan-8.security.ipip.net): 1 time 171.237.184.195: 1 time 175.197.206.221: 1 time 180.95.160.50: 6 times 185.244.25.105 (Dedi08.customers.kvsolutions.nl): 1 time 195.209.125.58: 1 time ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################