04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Sep 7 04:42:09 2019
Date Range Processed: yesterday
( 2019-Sep-06 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [476:481]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 4 sites probed the server
121.140.47.104
172.104.242.173
61.219.11.153
66.240.205.34
Requests with error response codes
400 Bad Request
../../mnt/custom/ProductDefinition: 15 Time(s)
null: 6 Time(s)
mstshash=Administr: 2 Time(s)
mstshash=Test: 2 Time(s)
/setup.cgi?next_file=netgear.cfg&todo=sysc ... ntsetting.htm=1: 1 Time(s)
404 Not Found
/robots.txt: 109 Time(s)
/berlin/apple-touch-icon.png: 6 Time(s)
/berichte/SoSe16/www.zapfev.de/reader/2016 ... nstanz_lang.pdf: 1 Time(s)
/berichte/SoSe16/www.zapfev.de/resolutione ... hraenkungen.pdf: 1 Time(s)
/berichte/WiSe16/www.zapfev.de/resolutione ... professuren.pdf: 1 Time(s)
/berlin/,: 1 Time(s)
/download/zapfev_satzung.pdf: 1 Time(s)
/protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s)
/reader/www.zapfev.de/zapf/resolutionen: 1 Time(s)
/resolutionen/sose18/Pruefungsanmeldung/reso_pruefungsanmel-: 1 Time(s)
/resolutionen/wise16/Zugangs-Zulassungsbeschraenkung/Reso: 1 Time(s)
/resolutionen/wise17/Zwangsexmatrikulation ... sexmatrikulati-: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
/wp-login.php: 1 Time(s)
500 Internal Server Error
/: 45 Time(s)
/robots.txt: 7 Time(s)
/Lists/admin.php: 1 Time(s)
/admin.php: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
unknown (ns354139.ip-91-121-103.eu): 123 Time(s)
unknown (168.126.85.225): 116 Time(s)
unknown (103.28.57.86): 112 Time(s)
unknown (200.209.174.92): 107 Time(s)
unknown (36-232-17-190.fibertel.com.ar): 107 Time(s)
unknown (164.ip-144-217-84.net): 104 Time(s)
unknown (62.234.105.16): 104 Time(s)
unknown (ns388274.ip-176-31-253.eu): 101 Time(s)
unknown (124.156.202.243): 99 Time(s)
unknown (188.166.41.192): 95 Time(s)
unknown (user-83.96.infomir.com.ua): 95 Time(s)
unknown (138.36.96.46): 94 Time(s)
unknown (118.24.23.100): 92 Time(s)
unknown (178.128.125.60): 92 Time(s)
unknown (110.43.42.244): 88 Time(s)
unknown (154.ip-51-75-22.eu): 87 Time(s)
unknown (221.133.1.11): 82 Time(s)
unknown (43.231.61.147): 81 Time(s)
unknown (190.9.130.159): 77 Time(s)
unknown (ip17.ip-51-254-57.eu): 73 Time(s)
unknown (202.65.151.31): 68 Time(s)
unknown (124.74.248.218): 67 Time(s)
unknown (210.209.72.243): 67 Time(s)
unknown (189.7.17.61): 65 Time(s)
unknown (104.248.187.179): 61 Time(s)
unknown (50-250-231-41-static.hfc.comcastbusiness.net): 58 Time(s)
unknown (111.230.227.17): 51 Time(s)
unknown (as5300-s21-008.cnt.entelchile.net): 50 Time(s)
unknown (181.28.94.205): 41 Time(s)
unknown (116.196.109.197): 37 Time(s)
unknown (113.176.89.116): 36 Time(s)
unknown (104.248.148.34): 33 Time(s)
unknown (36.92.21.50): 32 Time(s)
unknown (113.ip-51-68-215.eu): 19 Time(s)
unknown (109.255.23.150): 17 Time(s)
unknown (45.80.64.246): 15 Time(s)
unknown (52.169.136.28): 15 Time(s)
unknown (157.230.18.195): 10 Time(s)
root (112.85.42.178): 6 Time(s)
root (119.183.48.113): 6 Time(s)
root (123.15.12.3): 6 Time(s)
root (180.126.50.50): 6 Time(s)
root (bzq-79-176-29-242.red.bezeqint.net): 6 Time(s)
unknown (175.ip-51-75-19.eu): 6 Time(s)
unknown (cpc109369-brom11-2-0-cust71.16-1.cable.virginm.net): 6 Time(s)
root (104.248.187.179): 5 Time(s)
root (164.ip-144-217-84.net): 5 Time(s)
postgres (178.128.125.60): 4 Time(s)
root (116.196.109.197): 4 Time(s)
root (210.209.72.243): 4 Time(s)
unknown (59.54.154.118): 4 Time(s)
mysql (168.126.85.225): 3 Time(s)
mysql (ns354139.ip-91-121-103.eu): 3 Time(s)
postgres (168.126.85.225): 3 Time(s)
postgres (36-232-17-190.fibertel.com.ar): 3 Time(s)
postgres (ns354139.ip-91-121-103.eu): 3 Time(s)
postgres (user-83.96.infomir.com.ua): 3 Time(s)
root (124.156.202.243): 3 Time(s)
root (138.36.96.46): 3 Time(s)
root (168.126.85.225): 3 Time(s)
root (200.209.174.92): 3 Time(s)
root (43.231.61.147): 3 Time(s)
root (as5300-s21-008.cnt.entelchile.net): 3 Time(s)
unknown (193.32.163.182): 3 Time(s)
unknown (218.153.159.206): 3 Time(s)
unknown (92.63.194.26): 3 Time(s)
mysql (111.230.227.17): 2 Time(s)
mysql (124.156.202.243): 2 Time(s)
mysql (138.36.96.46): 2 Time(s)
mysql (43.231.61.147): 2 Time(s)
postgres (103.28.57.86): 2 Time(s)
postgres (110.43.42.244): 2 Time(s)
postgres (111.230.227.17): 2 Time(s)
postgres (164.ip-144-217-84.net): 2 Time(s)
postgres (189.7.17.61): 2 Time(s)
postgres (190.9.130.159): 2 Time(s)
postgres (200.209.174.92): 2 Time(s)
postgres (210.209.72.243): 2 Time(s)
postgres (ip17.ip-51-254-57.eu): 2 Time(s)
root (178.128.125.60): 2 Time(s)
root (36-232-17-190.fibertel.com.ar): 2 Time(s)
root (45.80.64.246): 2 Time(s)
root (user-83.96.infomir.com.ua): 2 Time(s)
www-data (ns354139.ip-91-121-103.eu): 2 Time(s)
games (116.196.109.197): 1 Time(s)
mail (104.248.187.179): 1 Time(s)
mysql (188.166.41.192): 1 Time(s)
mysql (189.7.17.61): 1 Time(s)
mysql (190.9.130.159): 1 Time(s)
mysql (202.65.151.31): 1 Time(s)
mysql (210.209.72.243): 1 Time(s)
mysql (36-232-17-190.fibertel.com.ar): 1 Time(s)
mysql (52.169.136.28): 1 Time(s)
mysql (ip17.ip-51-254-57.eu): 1 Time(s)
postgres (104.248.148.34): 1 Time(s)
postgres (104.248.187.179): 1 Time(s)
postgres (109.255.23.150): 1 Time(s)
postgres (113.ip-51-68-215.eu): 1 Time(s)
postgres (124.74.248.218): 1 Time(s)
postgres (188.166.41.192): 1 Time(s)
postgres (45.80.64.246): 1 Time(s)
postgres (ns388274.ip-176-31-253.eu): 1 Time(s)
root (103.28.57.86): 1 Time(s)
root (109.255.23.150): 1 Time(s)
root (110.43.42.244): 1 Time(s)
root (111.230.227.17): 1 Time(s)
root (118.121.201.83): 1 Time(s)
root (124.74.248.218): 1 Time(s)
root (154.ip-51-75-22.eu): 1 Time(s)
root (180.66.34.140): 1 Time(s)
root (202.65.151.31): 1 Time(s)
root (221.133.1.11): 1 Time(s)
root (36.92.21.50): 1 Time(s)
root (5.196.252.8.infinity-hosting.com): 1 Time(s)
root (50-250-231-41-static.hfc.comcastbusiness.net): 1 Time(s)
root (52.169.136.28): 1 Time(s)
root (62.234.105.16): 1 Time(s)
root (ip17.ip-51-254-57.eu): 1 Time(s)
root (ns388274.ip-176-31-253.eu): 1 Time(s)
temp (109.255.23.150): 1 Time(s)
temp (138.36.96.46): 1 Time(s)
temp (164.ip-144-217-84.net): 1 Time(s)
temp (168.126.85.225): 1 Time(s)
temp (210.209.72.243): 1 Time(s)
temp (221.133.1.11): 1 Time(s)
unknown (112.186.77.86): 1 Time(s)
unknown (121.142.111.86): 1 Time(s)
unknown (121.67.246.132): 1 Time(s)
unknown (129.204.176.234): 1 Time(s)
unknown (14.186.41.222): 1 Time(s)
unknown (152.169.204.74): 1 Time(s)
unknown (175.211.116.234): 1 Time(s)
unknown (202.137.141.91): 1 Time(s)
unknown (218.148.239.169): 1 Time(s)
unknown (223.245.31.65): 1 Time(s)
unknown (49.235.8.107): 1 Time(s)
unknown (blog.jungleland.co.id): 1 Time(s)
unknown (data-131-6.cgates.lt): 1 Time(s)
unknown (ip5b432bb6.dynamic.kabel-deutschland.de): 1 Time(s)
unknown (mail.resistance.cf): 1 Time(s)
unknown (ns2.cablebox.co): 1 Time(s)
www-data (104.248.148.34): 1 Time(s)
www-data (116.196.109.197): 1 Time(s)
www-data (124.156.202.243): 1 Time(s)
www-data (188.166.41.192): 1 Time(s)
www-data (36.92.21.50): 1 Time(s)
www-data (50-250-231-41-static.hfc.comcastbusiness.net): 1 Time(s)
www-data (ns388274.ip-176-31-253.eu): 1 Time(s)
Invalid Users:
Unknown Account: 2716 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
5 Miscellaneous warnings
17.950K Bytes accepted 18,381
17.950K Bytes sent via SMTP 18,381
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
660 Connections
3 Connections lost (inbound)
660 Disconnections
1 Removed from queue
1 Sent via SMTP
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 5 Time(s)
Failed logins from:
5.196.252.8 (5.196.252.8.infinity-hosting.com): 1 time
36.92.21.50: 2 times
43.231.61.147 (static-147-61-231-43.ebonenet.com): 5 times
45.80.64.246: 3 times
50.250.231.41 (50-250-231-41-static.hfc.comcastbusiness.net): 2 times
51.68.215.113 (113.ip-51-68-215.eu): 1 time
51.75.22.154 (154.ip-51-75-22.eu): 1 time
51.254.57.17 (ip17.ip-51-254-57.eu): 4 times
52.169.136.28: 2 times
62.234.105.16: 1 time
79.176.29.242 (bzq-79-176-29-242.red.bezeqint.net): 6 times
91.121.103.175 (ns354139.ip-91-121-103.eu): 8 times
103.28.57.86: 3 times
104.248.148.34: 2 times
104.248.187.179: 7 times
109.255.23.150: 3 times
110.43.42.244: 3 times
111.230.227.17: 5 times
112.85.42.178: 6 times
116.196.109.197: 6 times
118.121.201.83: 1 time
119.183.48.113: 6 times
123.15.12.3 (hn.kd.ny.adsl): 6 times
124.74.248.218: 2 times
124.156.202.243: 6 times
138.36.96.46 (138-36-96-46.reduno.com.ar): 6 times
144.217.84.164 (164.ip-144-217-84.net): 8 times
164.77.119.18 (as5300-s21-008.cnt.entelchile.net): 3 times
168.126.85.225: 10 times
176.31.253.55 (ns388274.ip-176-31-253.eu): 3 times
178.128.125.60: 6 times
180.66.34.140: 1 time
180.126.50.50: 6 times
188.166.41.192: 3 times
189.7.17.61 (bd07113d.virtua.com.br): 3 times
190.9.130.159: 3 times
190.17.232.36 (36-232-17-190.fibertel.com.ar): 6 times
200.209.174.92: 5 times
202.65.151.31 (static-202-65-151-31.ctrls.in): 2 times
210.209.72.243: 8 times
217.73.83.96 (user-83.96.infomir.com.ua): 5 times
221.133.1.11: 2 times
Illegal users from:
undef: 648 times
5.20.131.6 (data-131-6.cgates.lt): 1 time
14.186.41.222 (static.vnpt.vn): 1 time
36.92.21.50: 32 times
43.231.61.147 (static-147-61-231-43.ebonenet.com): 81 times
45.80.64.246: 15 times
49.235.8.107: 1 time
50.250.231.41 (50-250-231-41-static.hfc.comcastbusiness.net): 58 times
51.15.167.124 (mail.resistance.cf): 1 time
51.68.215.113 (113.ip-51-68-215.eu): 19 times
51.75.19.175 (175.ip-51-75-19.eu): 6 times
51.75.22.154 (154.ip-51-75-22.eu): 87 times
51.254.57.17 (ip17.ip-51-254-57.eu): 73 times
52.169.136.28: 15 times
59.54.154.118 (118.154.54.59.broad.sr.jx.dynamic.163data.com.cn): 4 times
62.234.105.16: 104 times
82.41.141.72 (cpc109369-brom11-2-0-cust71.16-1.cable.virginm.net): 6 times
91.67.43.182 (ip5b432bb6.dynamic.kabel-deutschland.de): 1 time
91.121.103.175 (ns354139.ip-91-121-103.eu): 123 times
92.63.194.26: 3 times
103.28.57.86: 112 times
104.248.148.34: 33 times
104.248.187.179: 61 times
109.255.23.150: 17 times
110.43.42.244: 88 times
111.230.227.17: 51 times
112.186.77.86: 1 time
113.176.89.116 (static.vnpt.vn): 36 times
116.196.109.197: 37 times
118.24.23.100: 92 times
121.67.246.132: 1 time
121.142.111.86: 1 time
124.74.248.218: 67 times
124.156.202.243: 99 times
129.204.176.234: 1 time
138.36.96.46 (138-36-96-46.reduno.com.ar): 94 times
139.59.249.255 (blog.jungleland.co.id): 1 time
139.162.122.110 (scan-8.security.ipip.net): 1 time
144.217.79.233 (ns2.cablebox.co): 1 time
144.217.84.164 (164.ip-144-217-84.net): 104 times
152.169.204.74 (74-204-169-152.fibertel.com.ar): 1 time
157.230.18.195: 10 times
164.77.119.18 (as5300-s21-008.cnt.entelchile.net): 50 times
168.126.85.225: 116 times
175.211.116.234: 1 time
176.31.253.55 (ns388274.ip-176-31-253.eu): 101 times
178.128.125.60: 92 times
181.28.94.205 (205-94-28-181.fibertel.com.ar): 41 times
188.166.41.192: 95 times
189.7.17.61 (bd07113d.virtua.com.br): 65 times
190.9.130.159: 77 times
190.17.232.36 (36-232-17-190.fibertel.com.ar): 107 times
193.32.163.182 (hosting-by.cloud-home.me): 3 times
200.209.174.92: 107 times
202.65.151.31 (static-202-65-151-31.ctrls.in): 68 times
202.137.141.91: 1 time
210.209.72.243: 67 times
217.73.83.96 (user-83.96.infomir.com.ua): 95 times
218.148.239.169: 1 time
218.153.159.206: 3 times
221.133.1.11: 82 times
223.245.31.65: 5 times
**Unmatched Entries**
fatal: no matching cipher found: client
aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none
server
aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
[preauth] : 1 time(s)
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) ->
(user,ssh-connection) [preauth] : 3 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 242G 159G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2236
days inactive
2236
days old
0 comments
1 participants
participants (1)
-
root@zapf.in