04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sun Dec 8 04:42:04 2019
Date Range Processed: yesterday
( 2019-Dec-07 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [275:274]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 1 sites probed the server
61.219.11.153
Requests with error response codes
400 Bad Request
/setup.cgi?next_file=netgear.cfg&todo=sysc ... ntsetting.htm=1: 3 Time(s)
mstshash=Administr: 2 Time(s)
null: 2 Time(s)
/shell?busybox: 1 Time(s)
404 Not Found
/robots.txt: 24 Time(s)
/berlin/apple-touch-icon.png: 8 Time(s)
/protokolle/Protokoll_MV_FFM_21.11.2015.pdf: 2 Time(s)
/.bitcoin/backup.dat: 1 Time(s)
/.bitcoin/bitcoin.dat: 1 Time(s)
/.bitcoin/wallet.dat: 1 Time(s)
/ads.txt: 1 Time(s)
/backup.dat: 1 Time(s)
/backup/backup.dat: 1 Time(s)
/backup/bitcoin.dat: 1 Time(s)
/backup/wallet.dat: 1 Time(s)
/berlin2017: 1 Time(s)
/bitcoin.dat: 1 Time(s)
/blog/: 1 Time(s)
/home/verein: 1 Time(s)
/new/: 1 Time(s)
/old/: 1 Time(s)
/reader/SoSe14_AK_Pr%C3%BCfungssystem_Sammlung.pdf: 1 Time(s)
/reader/SoSe15_AK_Studienf%C3%BChrer.pdf: 1 Time(s)
/reader/WiSe14_AK_GO_und_Satzungs%C3%A4nderung.pdf: 1 Time(s)
/resolutionen/wise15/Transparenz_in_der_: 1 Time(s)
/resolutionen/wise19/lernraume/Lernr%C3%A4ume.pdf: 1 Time(s)
/test/: 1 Time(s)
/wallet.dat: 1 Time(s)
/wordpress/: 1 Time(s)
/wp-login.php: 1 Time(s)
/wp/: 1 Time(s)
/xmlrpc.php: 1 Time(s)
499 (undefined)
/apple-touch-icon.png: 11 Time(s)
/build/emojify.js/dist/css/basic/emojify.min.css: 8 Time(s)
/favicon.png: 6 Time(s)
/build/index-styles-pack.2c73dce02b1eaa3a3b4e.css: 4 Time(s)
/build/MathJax/config/TeX-AMS-MML_HTMLorMML.js: 3 Time(s)
/build/MathJax/jax/output/HTML-CSS/fonts/T ... data.js?V=2.7.1: 3 Time(s)
/build/MathJax/jax/output/HTML-CSS/jax.js?V=2.7.1: 3 Time(s)
/build/font-pack.2c73dce02b1eaa3a3b4e.css: 3 Time(s)
/build/MathJax/MathJax.js: 2 Time(s)
/build/MathJax/jax/output/HTML-CSS/fonts/S ... data.js?V=2.7.1: 2 Time(s)
/js/mathjax-config-extra.js: 2 Time(s)
/StAPF18:Klausurtagung01?both: 1 Time(s)
/build/260ef443edb4dfd026d82e2b21a4c75c.woff: 1 Time(s)
/build/emojify.js/dist/images/basic/smile.png: 1 Time(s)
/build/index-styles.2c73dce02b1eaa3a3b4e.css: 1 Time(s)
/favicon.ico: 1 Time(s)
/fonts/SourceCodePro-Regular.woff: 1 Time(s)
/fonts/SourceSansPro-Italic.woff: 1 Time(s)
/fonts/SourceSansPro-Regular.woff: 1 Time(s)
500 Internal Server Error
/: 84 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (222.186.173.180): 54 Time(s)
root (222.186.180.9): 54 Time(s)
root (218.92.0.182): 48 Time(s)
root (222.186.175.154): 48 Time(s)
root (222.186.175.216): 48 Time(s)
root (222.186.175.217): 48 Time(s)
root (222.186.173.154): 47 Time(s)
root (222.186.175.148): 42 Time(s)
root (222.186.190.2): 42 Time(s)
root (222.186.180.41): 40 Time(s)
root (222.186.180.147): 39 Time(s)
root (218.92.0.135): 36 Time(s)
root (222.186.180.17): 36 Time(s)
root (222.186.190.92): 36 Time(s)
root (222.186.42.4): 36 Time(s)
root (222.186.175.151): 32 Time(s)
root (112.85.42.174): 30 Time(s)
root (218.92.0.139): 30 Time(s)
root (222.186.173.226): 30 Time(s)
root (222.186.175.220): 30 Time(s)
root (222.186.180.223): 30 Time(s)
root (222.186.180.8): 30 Time(s)
root (218.92.0.179): 29 Time(s)
root (222.186.175.183): 29 Time(s)
root (112.85.42.179): 28 Time(s)
root (222.186.175.181): 28 Time(s)
root (112.85.42.176): 27 Time(s)
root (218.92.0.145): 26 Time(s)
root (112.85.42.175): 24 Time(s)
root (112.85.42.177): 24 Time(s)
root (218.92.0.158): 24 Time(s)
root (218.92.0.212): 24 Time(s)
root (222.186.175.147): 24 Time(s)
root (222.186.175.150): 24 Time(s)
root (222.186.175.182): 24 Time(s)
root (222.186.175.202): 24 Time(s)
root (218.92.0.141): 23 Time(s)
root (222.186.169.192): 23 Time(s)
root (49.88.112.55): 23 Time(s)
root (112.85.42.173): 21 Time(s)
root (112.85.42.178): 18 Time(s)
root (218.92.0.175): 18 Time(s)
root (222.186.173.238): 18 Time(s)
root (222.186.175.140): 18 Time(s)
root (222.186.175.167): 18 Time(s)
root (222.186.175.169): 18 Time(s)
root (222.186.175.215): 18 Time(s)
root (222.186.180.6): 18 Time(s)
root (49.88.112.58): 18 Time(s)
root (61.177.172.128): 18 Time(s)
root (218.92.0.148): 17 Time(s)
root (222.186.173.183): 16 Time(s)
root (218.92.0.134): 15 Time(s)
root (222.186.173.142): 15 Time(s)
unknown (v22015031646824096.yourvserver.net): 15 Time(s)
root (112.85.42.180): 12 Time(s)
root (218.92.0.131): 12 Time(s)
root (218.92.0.170): 12 Time(s)
root (218.92.0.176): 12 Time(s)
root (218.92.0.178): 12 Time(s)
root (218.92.0.181): 12 Time(s)
root (218.92.0.193): 12 Time(s)
root (222.186.169.194): 12 Time(s)
root (222.186.175.155): 12 Time(s)
root (222.186.175.163): 12 Time(s)
root (112.85.42.182): 6 Time(s)
root (218.92.0.155): 6 Time(s)
root (222.186.173.215): 6 Time(s)
root (222.186.175.212): 6 Time(s)
unknown (125.189.53.5): 4 Time(s)
root (175.6.5.233): 2 Time(s)
root (pc-202-124-74-200.cm.vtr.net): 2 Time(s)
unknown (92.63.194.26): 2 Time(s)
unknown (lfbn-str-1-93-109.w92-140.abo.wanadoo.fr): 2 Time(s)
root (109.110.52.77): 1 Time(s)
root (113.142.64.237): 1 Time(s)
root (139.59.180.53): 1 Time(s)
root (14.116.187.107): 1 Time(s)
root (175.205.139.30): 1 Time(s)
root (178.128.81.125): 1 Time(s)
root (182.191.113.14): 1 Time(s)
root (182.61.43.223): 1 Time(s)
root (188.120.239.34): 1 Time(s)
root (194.182.71.205): 1 Time(s)
root (200.69.250.253): 1 Time(s)
root (218.146.168.239): 1 Time(s)
root (221.160.100.14): 1 Time(s)
root (23.192.241.35.bc.googleusercontent.com): 1 Time(s)
root (255.red-2-139-215.staticip.rima-tde.net): 1 Time(s)
root (27.34.108.242): 1 Time(s)
root (41.32.63.138): 1 Time(s)
root (42.116.255.216): 1 Time(s)
root (93.84.86.69): 1 Time(s)
root (ec2-13-228-107-58.ap-southeast-1.compute.amazonaws.com): 1 Time(s)
unknown (117.50.1.12): 1 Time(s)
unknown (122.174.82.222): 1 Time(s)
unknown (130.61.122.5): 1 Time(s)
unknown (14.225.3.47): 1 Time(s)
unknown (14.226.228.61): 1 Time(s)
unknown (14.231.32.22): 1 Time(s)
unknown (167.99.75.174): 1 Time(s)
unknown (183.2.168.102): 1 Time(s)
unknown (188.120.239.34): 1 Time(s)
unknown (195.244.25.131): 1 Time(s)
unknown (197.247.49.82): 1 Time(s)
unknown (202.169.56.98): 1 Time(s)
unknown (206.189.136.160): 1 Time(s)
unknown (213.190.4.130): 1 Time(s)
unknown (218.146.168.239): 1 Time(s)
unknown (218.199.68.118): 1 Time(s)
unknown (221.239.86.19): 1 Time(s)
unknown (27.155.99.173): 1 Time(s)
unknown (36.66.149.211): 1 Time(s)
unknown (36.71.232.128): 1 Time(s)
unknown (36.85.67.199): 1 Time(s)
unknown (37.76.196.66): 1 Time(s)
unknown (66.42.59.105): 1 Time(s)
unknown (82.131.25.190.cable.starman.ee): 1 Time(s)
unknown (96.57.82.166): 1 Time(s)
unknown (host142.190-226-48.telecom.net.ar): 1 Time(s)
unknown (mail6.keltron.in): 1 Time(s)
unknown (ns388423.ip-176-31-253.eu): 1 Time(s)
unknown (pyrumas.com): 1 Time(s)
unknown (s17783852.onlinehome-server.info): 1 Time(s)
unknown (srv.actu-spatial.tk): 1 Time(s)
Invalid Users:
Unknown Account: 54 Time(s)
systemd-user:
Unknown Entries:
session closed for user root: 1 Time(s)
session opened for user root by (uid=0): 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
6 Miscellaneous warnings
13.835K Bytes accepted 14,167
13.835K Bytes sent via SMTP 14,167
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
29 Connections
24 Connections lost (inbound)
29 Disconnections
1 Removed from queue
1 Sent via SMTP
8 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 282 Time(s)
Failed logins from:
2.139.215.255 (255.red-2-139-215.staticip.rima-tde.net): 1 time
13.228.107.58 (ec2-13-228-107-58.ap-southeast-1.compute.amazonaws.com): 1 time
14.116.187.107: 1 time
27.34.108.242: 1 time
35.241.192.23 (23.192.241.35.bc.googleusercontent.com): 1 time
41.32.63.138 (host-41.32.63.138-static.tedata.net): 1 time
42.116.255.216: 1 time
49.88.112.55: 23 times
49.88.112.58: 18 times
61.177.172.128: 18 times
93.84.86.69 (static14.byfly.gomel.by): 1 time
109.110.52.77: 1 time
112.85.42.173: 21 times
112.85.42.174: 30 times
112.85.42.175: 24 times
112.85.42.176: 29 times
112.85.42.177: 24 times
112.85.42.178: 18 times
112.85.42.179: 28 times
112.85.42.180: 12 times
112.85.42.182: 6 times
113.142.64.237: 1 time
139.59.180.53: 1 time
175.6.5.233: 2 times
175.205.139.30: 1 time
178.128.81.125: 1 time
182.61.43.223: 1 time
182.191.113.14: 1 time
188.120.239.34 (fanam-cinema.fvds.ru): 1 time
194.182.71.205 (host205-71-182-194.serverdedicati.aruba.it): 1 time
200.69.250.253 (customer-static-250-253.iplannetworks.net): 1 time
200.74.124.202 (pc-202-124-74-200.cm.vtr.net): 2 times
218.92.0.131: 12 times
218.92.0.134: 18 times
218.92.0.135: 36 times
218.92.0.139: 30 times
218.92.0.141: 23 times
218.92.0.145: 26 times
218.92.0.148: 17 times
218.92.0.155: 6 times
218.92.0.158: 24 times
218.92.0.170: 12 times
218.92.0.175: 18 times
218.92.0.176: 12 times
218.92.0.178: 12 times
218.92.0.179: 29 times
218.92.0.181: 12 times
218.92.0.182: 48 times
218.92.0.193: 12 times
218.92.0.212: 24 times
218.146.168.239 (wymm91.com): 1 time
221.160.100.14: 1 time
222.186.42.4: 36 times
222.186.169.192: 23 times
222.186.169.194: 12 times
222.186.173.142: 18 times
222.186.173.154: 47 times
222.186.173.180: 54 times
222.186.173.183: 16 times
222.186.173.215: 6 times
222.186.173.226: 32 times
222.186.173.238: 18 times
222.186.175.140: 18 times
222.186.175.147: 24 times
222.186.175.148: 42 times
222.186.175.150: 24 times
222.186.175.151: 35 times
222.186.175.154: 48 times
222.186.175.155: 12 times
222.186.175.163: 12 times
222.186.175.167: 18 times
222.186.175.169: 18 times
222.186.175.181: 30 times
222.186.175.182: 24 times
222.186.175.183: 29 times
222.186.175.202: 24 times
222.186.175.212: 6 times
222.186.175.215: 18 times
222.186.175.216: 48 times
222.186.175.217: 48 times
222.186.175.220: 30 times
222.186.180.6: 18 times
222.186.180.8: 30 times
222.186.180.9: 54 times
222.186.180.17: 36 times
222.186.180.41: 41 times
222.186.180.147: 42 times
222.186.180.223: 30 times
222.186.190.2: 42 times
222.186.190.92: 36 times
Illegal users from:
undef: 22 times
14.225.3.47: 1 time
14.226.228.61 (static.vnpt.vn): 1 time
14.231.32.22 (static.vnpt.vn): 1 time
27.155.99.173: 1 time
36.66.149.211: 1 time
36.71.232.128: 1 time
36.85.67.199: 1 time
37.76.196.66 (ADSL-37.76.196.66.mada.ps): 1 time
37.120.177.39 (v22015031646824096.yourvserver.net): 15 times
66.42.59.105 (66.42.59.105.vultr.com): 1 time
82.131.25.190 (82.131.25.190.cable.starman.ee): 1 time
82.165.35.17 (s17783852.onlinehome-server.info): 1 time
92.63.194.26: 2 times
92.140.220.109 (lfbn-str-1-93-109.w92-140.abo.wanadoo.fr): 2 times
96.57.82.166 (ool-603952a6.static.optonline.net): 1 time
103.10.168.8 (mail6.keltron.in): 1 time
117.50.1.12: 1 time
122.174.82.222 (abts-tn-dynamic-222.82.174.122.airtelbroadband.in): 1 time
125.189.53.5: 4 times
130.61.122.5: 1 time
139.59.34.17 (pyrumas.com): 1 time
139.162.122.110 (scan-8.security.ipip.net): 1 time
167.99.75.174: 1 time
176.31.253.204 (ns388423.ip-176-31-253.eu): 1 time
183.2.168.102: 1 time
188.120.239.34 (fanam-cinema.fvds.ru): 1 time
188.213.143.107 (srv.actu-spatial.tk): 1 time
190.226.48.142 (host142.190-226-48.telecom.net.ar): 1 time
195.244.25.131: 1 time
197.247.49.82: 1 time
202.169.56.98: 1 time
206.189.136.160: 1 time
213.190.4.130: 1 time
218.146.168.239 (wymm91.com): 1 time
218.199.68.118: 1 time
221.239.86.19 (19.86.239.221.broad.tj.tj.dynamic.163data.com.cn): 1 time
Users logging in through sshd:
root:
139.30.220.110: 1 time
**Unmatched Entries**
fatal: no matching cipher found: client
aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none
server
aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
[preauth] : 4 time(s)
error: Received disconnect from 141.98.10.39: 2: Handshake failed [preauth] : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2142
days inactive
2142
days old
0 comments
1 participants
participants (1)
-
root@zapf.in