################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Fri Sep 13 04:42:08 2019
Date Range Processed: yesterday
( 2019-Sep-12 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [104:105]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 4 sites probed the server
130.61.122.5
172.104.242.173
175.184.167.168
66.240.205.34
Requests with error response codes
400 Bad Request
../../mnt/custom/ProductDefinition: 3 Time(s)
null: 3 Time(s)
mstshash=Administr: 2 Time(s)
mstshash=Test: 2 Time(s)
/setup.cgi?next_file=netgear.cfg&todo=sysc ... ntsetting.htm=1: 1 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
403 Forbidden
/resolutionen/wise16/: 1 Time(s)
404 Not Found
/robots.txt: 35 Time(s)
/berlin/apple-touch-icon.png: 10 Time(s)
///readme.html: 2 Time(s)
///CHANGELOG.txt: 1 Time(s)
///README.txt: 1 Time(s)
///license.txt: 1 Time(s)
/lodjwdei: 1 Time(s)
/reader/1993-wi-reader_st93.pdf: 1 Time(s)
/reader/1995-so-reader_ha95.pdf: 1 Time(s)
/reader/commit/09360d9fceaee264132be600f2762d7b2827fd01: 1 Time(s)
/sites/default/files/2009_WiSe_M%C3%BCnchen.pdf: 1 Time(s)
/sites/default/files/2014_SoSe_Duesseldorf.pdf: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
499 (undefined)
/apple-touch-icon.png: 1 Time(s)
/build/font-pack.2c73dce02b1eaa3a3b4e.css: 1 Time(s)
/build/index-styles-pack.2c73dce02b1eaa3a3b4e.css: 1 Time(s)
/fonts/SourceCodePro-Regular.woff: 1 Time(s)
/fonts/SourceSansPro-Regular.woff: 1 Time(s)
500 Internal Server Error
/: 7 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
Invalid Users:
Unknown Account: 3234 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
2 Miscellaneous warnings
21.731K Bytes accepted 22,253
21.731K Bytes sent via SMTP 22,253
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
295 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
295 Total 4xx Rejects 100.00%
======== ==================================================
367 Connections
298 Connections lost (inbound)
367 Disconnections
1 Removed from queue
1 Sent via SMTP
2 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 3 Time(s)
root : 5 Time(s)
Failed logins from:
Illegal users from:
**Unmatched Entries**
Disconnecting: Change of username or service not allowed: (1,ssh-connection) -> (111,ssh-connection) [preauth] : 1 time(s)
fatal: Unable to negotiate a key exchange method [preauth] : 1 time(s)
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 4 time(s)
fatal: no matching cipher found: client aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 3 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 242G 159G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################