04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Dec 21 04:42:03 2019
Date Range Processed: yesterday
( 2019-Dec-20 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [156:157]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 1 sites probed the server
66.240.205.34
Requests with error response codes
400 Bad Request
/: 2 Time(s)
mstshash=Administr: 2 Time(s)
null: 2 Time(s)
/?0628182016134805143312: 1 Time(s)
icap://icap-server.net/server?arg=87: 1 Time(s)
404 Not Found
/robots.txt: 37 Time(s)
/berlin/apple-touch-icon.png: 18 Time(s)
/home/verein: 3 Time(s)
/home/zapf: 3 Time(s)
/wp-login.php: 3 Time(s)
/protokolle/Protokoll_MV_FFM_21.11.2015.pdf: 2 Time(s)
/__media__/js/netsoltrademark.php: 1 Time(s)
/resolutionen/wise15/Transparenz_in_der_Dr ... sparenz_in_der_: 1 Time(s)
/sites/default/file/2013_05_Stellungnahme_CHERanking.pdf: 1 Time(s)
/verein/satzung/%7CSatzung: 1 Time(s)
/xmlrpc.php: 1 Time(s)
500 Internal Server Error
/: 130 Time(s)
/HNAP1: 1 Time(s)
/ajax: 1 Time(s)
/app/provision/000000000000.cfg: 1 Time(s)
/app/provision/?mac=00a2895806ec: 1 Time(s)
/evox/about: 1 Time(s)
/login/submit/only: 1 Time(s)
/nmaplowercheck1576863746: 1 Time(s)
/sdk: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (222.186.173.142): 54 Time(s)
root (222.186.173.154): 41 Time(s)
root (222.186.175.167): 36 Time(s)
root (222.186.175.217): 36 Time(s)
root (222.186.180.223): 35 Time(s)
root (218.92.0.131): 30 Time(s)
root (222.186.173.183): 30 Time(s)
root (222.186.175.181): 30 Time(s)
root (222.186.42.4): 30 Time(s)
root (222.186.180.147): 25 Time(s)
root (222.186.169.192): 24 Time(s)
root (222.186.173.238): 24 Time(s)
root (222.186.175.220): 24 Time(s)
root (49.88.112.64): 24 Time(s)
root (218.92.0.212): 23 Time(s)
root (222.186.169.194): 23 Time(s)
root (222.186.180.41): 23 Time(s)
root (218.92.0.148): 20 Time(s)
root (222.186.175.161): 19 Time(s)
root (222.186.173.180): 18 Time(s)
root (222.186.175.147): 18 Time(s)
root (222.186.175.154): 18 Time(s)
root (222.186.175.182): 18 Time(s)
root (222.186.175.202): 18 Time(s)
root (222.186.180.17): 18 Time(s)
root (222.186.180.6): 18 Time(s)
root (222.186.190.92): 18 Time(s)
root (218.92.0.175): 17 Time(s)
root (222.186.190.2): 17 Time(s)
root (218.92.0.134): 12 Time(s)
root (218.92.0.164): 12 Time(s)
root (218.92.0.178): 12 Time(s)
root (218.92.0.179): 12 Time(s)
root (222.186.173.215): 12 Time(s)
root (222.186.175.148): 12 Time(s)
root (222.186.175.150): 12 Time(s)
root (222.186.175.151): 12 Time(s)
root (222.186.175.155): 12 Time(s)
root (222.186.175.163): 12 Time(s)
root (222.186.175.169): 12 Time(s)
root (222.186.175.183): 12 Time(s)
root (61.177.172.128): 12 Time(s)
root (218.92.0.155): 11 Time(s)
root (222.186.180.9): 11 Time(s)
root (222.186.173.226): 9 Time(s)
root (112.85.42.181): 6 Time(s)
root (218.92.0.135): 6 Time(s)
root (218.92.0.145): 6 Time(s)
root (218.92.0.158): 6 Time(s)
root (218.92.0.165): 6 Time(s)
root (218.92.0.170): 6 Time(s)
root (218.92.0.172): 6 Time(s)
root (222.186.175.216): 6 Time(s)
root (222.186.180.8): 6 Time(s)
root (49.88.112.59): 6 Time(s)
root (49.88.112.61): 6 Time(s)
root (49.88.112.62): 6 Time(s)
unknown (221.165.126.138): 6 Time(s)
root (112.85.42.171): 5 Time(s)
root (112.85.42.175): 5 Time(s)
root (222.186.175.140): 5 Time(s)
root (222.186.175.212): 5 Time(s)
root (222.186.175.215): 5 Time(s)
unknown (223.226.116.4): 2 Time(s)
unknown (92.63.194.26): 2 Time(s)
unknown (cpe-65-24-251-40.insight.res.rr.com): 2 Time(s)
postgres (103.101.52.48): 1 Time(s)
postgres (222.128.59.164): 1 Time(s)
postgres (36.66.156.125): 1 Time(s)
root (112.214.136.5): 1 Time(s)
root (178.79.11.62): 1 Time(s)
root (180.190.64.11): 1 Time(s)
root (185.120.77.56): 1 Time(s)
root (188.39.20.2): 1 Time(s)
root (195.231.9.20): 1 Time(s)
root (197.69.194.35.bc.googleusercontent.com): 1 Time(s)
root (218.92.0.141): 1 Time(s)
root (27.50.24.83): 1 Time(s)
root (53.red-80-28-238.staticip.rima-tde.net): 1 Time(s)
root (bcdd2abd.skybroadband.com): 1 Time(s)
root (ip33.ip-198-50-159.net): 1 Time(s)
root (lfbn-idf1-1-1632-112.w90-90.abo.wanadoo.fr): 1 Time(s)
root (static-52-252-24-46.ipcom.comunitel.net): 1 Time(s)
root (static-70-145-62-95.ipcom.comunitel.net): 1 Time(s)
unknown (103.91.181.25): 1 Time(s)
unknown (104.236.246.16): 1 Time(s)
unknown (110.164.76.61): 1 Time(s)
unknown (111.95.5.23): 1 Time(s)
unknown (116.72.16.15): 1 Time(s)
unknown (119.205.235.251): 1 Time(s)
unknown (120.132.124.237): 1 Time(s)
unknown (121.69.40.250): 1 Time(s)
unknown (123.21.67.84): 1 Time(s)
unknown (132.145.18.157): 1 Time(s)
unknown (139.59.78.236): 1 Time(s)
unknown (14.173.131.138): 1 Time(s)
unknown (159.203.77.51): 1 Time(s)
unknown (159.65.144.233): 1 Time(s)
unknown (180.245.146.38): 1 Time(s)
unknown (182.185.223.185): 1 Time(s)
unknown (185.120.77.56): 1 Time(s)
unknown (188.166.237.191): 1 Time(s)
unknown (194-118-206-6.hdsl.highway.telekom.at): 1 Time(s)
unknown (200.173.187.35.bc.googleusercontent.com): 1 Time(s)
unknown (206.189.137.113): 1 Time(s)
unknown (223.29.200.70): 1 Time(s)
unknown (37.139.13.105): 1 Time(s)
unknown (40.124.4.131): 1 Time(s)
unknown (46.101.27.6): 1 Time(s)
unknown (49.49.244.149): 1 Time(s)
unknown (5.11.37.63): 1 Time(s)
unknown (58.22.99.135): 1 Time(s)
unknown (91.205.217.22): 1 Time(s)
unknown (95.189.104.67): 1 Time(s)
unknown (host133.200-117-239.telecom.net.ar): 1 Time(s)
unknown (ip-132-148-129-180.ip.secureserver.net): 1 Time(s)
unknown (ip-176-199-132-109.hsi06.unitymediagroup.de): 1 Time(s)
unknown (ip-206-57.sn1.clouditalia.com): 1 Time(s)
unknown (mail6.keltron.in): 1 Time(s)
unknown (mx-ll-183.89.237-49.dynamic.3bb.co.th): 1 Time(s)
unknown (nilsriecker.de): 1 Time(s)
unknown (ns301667.ip-94-23-50.eu): 1 Time(s)
unknown (ns3045583.ip-46-105-122.eu): 1 Time(s)
unknown (ool-8e366592.static.optonline.net): 1 Time(s)
unknown (ppp91-122-191-82.pppoe.avangarddsl.ru): 1 Time(s)
unknown (v133-130-109-118.a038.g.tyo1.static.cnode.io): 1 Time(s)
Invalid Users:
Unknown Account: 54 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
6 Miscellaneous warnings
13.751K Bytes accepted 14,081
13.751K Bytes sent via SMTP 14,081
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
101 Connections
44 Connections lost (inbound)
101 Disconnections
1 Removed from queue
1 Sent via SMTP
2 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- rsyslogd Begin ------------------------
**** Unmatched entries ****
[origin software="rsyslogd" swVersion="8.4.2"
x-pid="243" x-info="http://www.rsyslog.com"] exiting on signal 15. : 1
Times
---------------------- rsyslogd End -------------------------
--------------------- Connections (secure-log) Begin ------------------------
**Unmatched Entries**
systemd-logind: New seat seat0.: 1 Time(s)
---------------------- Connections (secure-log) End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
SSHD Started: 2 Time(s)
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 170 Time(s)
Failed logins from:
27.50.24.83 (ip-27-50-24-83.cepat.net.id): 1 time
35.194.69.197 (197.69.194.35.bc.googleusercontent.com): 1 time
36.66.156.125: 1 time
46.24.252.52 (static-52-252-24-46.ipcom.comunitel.net): 1 time
49.88.112.59: 6 times
49.88.112.61: 6 times
49.88.112.62: 6 times
49.88.112.64: 24 times
61.177.172.128: 12 times
80.28.238.53 (53.red-80-28-238.staticip.rima-tde.net): 1 time
90.90.7.112 (lfbn-idf1-1-1632-112.w90-90.abo.wanadoo.fr): 1 time
95.62.145.70 (static-70-145-62-95.ipcom.comunitel.net): 1 time
103.101.52.48 (48.52.101.103.in-addr.arpa.semarangkota.go.id): 1 time
112.85.42.171: 5 times
112.85.42.175: 6 times
112.85.42.181: 6 times
112.214.136.5: 1 time
178.79.11.62 (11-62-dynamic.kti.rs): 1 time
180.190.64.11: 1 time
185.120.77.56: 1 time
188.39.20.2 (gateway.britishfriendly.com): 1 time
188.221.42.189 (bcdd2abd.skybroadband.com): 1 time
195.231.9.20 (host20-9-231-195.serverdedicati.aruba.it): 1 time
198.50.159.33 (ip33.ip-198-50-159.net): 1 time
218.92.0.131: 30 times
218.92.0.134: 12 times
218.92.0.135: 6 times
218.92.0.141: 4 times
218.92.0.145: 6 times
218.92.0.148: 20 times
218.92.0.155: 11 times
218.92.0.158: 6 times
218.92.0.164: 12 times
218.92.0.165: 6 times
218.92.0.170: 6 times
218.92.0.172: 6 times
218.92.0.175: 17 times
218.92.0.178: 12 times
218.92.0.179: 12 times
218.92.0.212: 23 times
222.128.59.164: 1 time
222.186.42.4: 30 times
222.186.169.192: 24 times
222.186.169.194: 23 times
222.186.173.142: 54 times
222.186.173.154: 41 times
222.186.173.180: 18 times
222.186.173.183: 30 times
222.186.173.215: 12 times
222.186.173.226: 12 times
222.186.173.238: 24 times
222.186.175.140: 5 times
222.186.175.147: 18 times
222.186.175.148: 12 times
222.186.175.150: 12 times
222.186.175.151: 12 times
222.186.175.154: 18 times
222.186.175.155: 12 times
222.186.175.161: 19 times
222.186.175.163: 12 times
222.186.175.167: 36 times
222.186.175.169: 12 times
222.186.175.181: 30 times
222.186.175.182: 18 times
222.186.175.183: 12 times
222.186.175.202: 18 times
222.186.175.212: 5 times
222.186.175.215: 5 times
222.186.175.216: 6 times
222.186.175.217: 36 times
222.186.175.220: 24 times
222.186.180.6: 18 times
222.186.180.8: 6 times
222.186.180.9: 11 times
222.186.180.17: 18 times
222.186.180.41: 23 times
222.186.180.147: 27 times
222.186.180.223: 35 times
222.186.190.2: 17 times
222.186.190.92: 18 times
Illegal users from:
undef: 18 times
5.11.37.63: 1 time
14.173.131.138 (static.vnpt.vn): 1 time
35.187.173.200 (200.173.187.35.bc.googleusercontent.com): 1 time
37.139.13.105: 1 time
40.124.4.131: 1 time
46.101.27.6 (wetech.digital.demo): 1 time
46.105.122.62 (ns3045583.ip-46-105-122.eu): 1 time
49.49.244.149 (mx-ll-49.49.244-149.dynamic.3bb.co.th): 1 time
58.22.99.135: 1 time
62.94.206.57 (ip-206-57.sn1.clouditalia.com): 1 time
65.24.251.40 (cpe-65-24-251-40.insight.res.rr.com): 2 times
91.122.191.82 (ppp91-122-191-82.pppoe.avangarddsl.ru): 1 time
91.205.217.22: 1 time
92.63.194.26: 2 times
94.23.50.194 (ns301667.ip-94-23-50.eu): 1 time
95.189.104.67 (xn--80apagqjddln9b0ga.xn--p1ai.104.189.95.in-addr.arpa): 1 time
103.10.168.8 (mail6.keltron.in): 1 time
103.91.181.25: 1 time
104.236.246.16: 1 time
110.164.76.61 (mx-ll-110-164-76-61.static.3bb.co.th): 1 time
111.95.5.23 (fm-dyn-111-95-5-23.fast.net.id): 1 time
116.72.16.15: 1 time
119.205.235.251: 1 time
120.132.124.237: 1 time
121.69.40.250: 1 time
123.21.67.84: 1 time
132.145.18.157: 1 time
132.148.129.180 (ip-132-148-129-180.ip.secureserver.net): 1 time
133.130.109.118 (v133-130-109-118.a038.g.tyo1.static.cnode.io): 1 time
139.59.78.236: 1 time
142.54.101.146 (ool-8e366592.static.optonline.net): 1 time
159.65.144.233: 1 time
159.203.77.51: 1 time
165.227.151.59 (nilsriecker.de): 1 time
176.199.132.109 (ip-176-199-132-109.hsi06.unitymediagroup.de): 1 time
180.245.146.38: 1 time
182.185.223.185: 1 time
183.89.237.49 (mx-ll-183.89.237-49.dynamic.3bb.co.th): 1 time
185.120.77.56: 1 time
188.166.237.191: 1 time
194.118.206.6 (194-118-206-6.hdsl.highway.telekom.at): 1 time
200.117.239.133 (host133.200-117-239.telecom.net.ar): 1 time
206.189.137.113: 1 time
221.165.126.138: 6 times
223.29.200.70 (Kol-223.29.200.70.PMPL-Broadband.net): 1 time
223.226.116.4: 2 times
**Unmatched Entries**
error: Received disconnect from 141.98.10.39: 2: Handshake failed [preauth] : 1 time(s)
fatal: no matching cipher found: client
aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none
server
aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
[preauth] : 4 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 241G 160G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2129
days inactive
2129
days old
0 comments
1 participants
participants (1)
-
root@zapf.in