04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sat Sep 28 04:42:12 2019
Date Range Processed: yesterday
( 2019-Sep-27 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [347:349]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
A total of 3 sites probed the server
183.129.160.229
5.188.210.101
82.221.105.7
Requests with error response codes
400 Bad Request
null: 8 Time(s)
/w00tw00t.at.ISC.SANS.DFind:): 2 Time(s)
mstshash=Administr: 2 Time(s)
mstshash=Test: 2 Time(s)
../../mnt/custom/ProductDefinition: 1 Time(s)
HTTP/1.1: 1 Time(s)
http://5.188.210.101/echo.php: 1 Time(s)
zapf.in: 1 Time(s)
403 Forbidden
/resolutionen/sose17/gesellschaftlich_verantwortung/: 1 Time(s)
404 Not Found
/robots.txt: 41 Time(s)
/berlin/apple-touch-icon.png: 8 Time(s)
/wp-login.php: 3 Time(s)
/wp-admin/: 2 Time(s)
/ads.txt: 1 Time(s)
/berlin//apple-touch-icon.png: 1 Time(s)
/protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s)
/reader/2016_sose_konstanz_lang.pdf: 1 Time(s)
/resolutionen/wise15/Transparenz_in_der_Dr ... sparenz_in_der_: 1 Time(s)
/sites/default/files/2010_SoSe_Frankfurt.pdf: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
500 Internal Server Error
/: 103 Time(s)
/MAPI/API: 1 Time(s)
/RDWeb/Pages/: 1 Time(s)
/_VTI_BIN/WSTS: 1 Time(s)
/api/v1/pods: 1 Time(s)
/robots.txt: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
unknown (177.47.18.50): 75 Time(s)
unknown (191.184.203.71): 67 Time(s)
unknown (108.ip-51-83-72.eu): 62 Time(s)
unknown (206.189.39.183): 62 Time(s)
unknown (157.230.94.157): 61 Time(s)
unknown (161-115-132-5.ftth.glasoperator.nl): 61 Time(s)
unknown (195.222.163.54): 61 Time(s)
unknown (es20.homesyspro.com): 61 Time(s)
unknown (121.12.151.250): 60 Time(s)
unknown (207.154.245.200): 59 Time(s)
unknown (60.11.113.212): 59 Time(s)
unknown (212.136.68.34.bc.googleusercontent.com): 57 Time(s)
unknown (103.115.227.18): 56 Time(s)
unknown (62.234.109.155): 56 Time(s)
unknown (148.70.62.12): 55 Time(s)
unknown (168-128-13-252-eu.mcp-services.net): 53 Time(s)
unknown (106.12.181.34): 52 Time(s)
unknown (121.122.141.49): 47 Time(s)
unknown (129.211.117.47): 43 Time(s)
unknown (220-244-98-26.static.tpgi.com.au): 43 Time(s)
unknown (142.93.201.168): 40 Time(s)
unknown (213.148.213.99): 40 Time(s)
unknown (ns388913.ip-176-31-100.eu): 40 Time(s)
unknown (107.13.186.21): 34 Time(s)
unknown (178.62.33.38): 33 Time(s)
unknown (231.red-80-58-157.staticip.rima-tde.net): 29 Time(s)
unknown (ip-138.net-89-2-157.rev.numericable.fr): 26 Time(s)
unknown (s0106ac202e1dbfb3.va.shawcable.net): 22 Time(s)
unknown (198.144.184.34): 21 Time(s)
unknown (27.111.83.239): 18 Time(s)
unknown (213.146.203.200): 16 Time(s)
unknown (77.93.33.212): 16 Time(s)
unknown (103.17.55.200): 15 Time(s)
unknown (46.105.244.1): 10 Time(s)
unknown (mail.matrixlink.net): 10 Time(s)
unknown (180.ip-51-89-148.eu): 8 Time(s)
unknown (111.230.241.245): 7 Time(s)
unknown (195.29.105.125): 7 Time(s)
unknown (mail2.bergschneider.de): 7 Time(s)
root (112.85.42.177): 6 Time(s)
root (148.70.62.12): 6 Time(s)
root (218.92.0.163): 6 Time(s)
root (49.88.112.54): 6 Time(s)
unknown (059148043097.ctinets.com): 6 Time(s)
unknown (114.223.49.97): 6 Time(s)
unknown (180.126.218.124): 6 Time(s)
unknown (37.228.139.235): 6 Time(s)
unknown (ti0034a400-1616.bb.online.no): 6 Time(s)
root (121.12.151.250): 4 Time(s)
root (62.234.109.155): 4 Time(s)
unknown (148.70.11.143): 4 Time(s)
unknown (60.29.241.2): 4 Time(s)
unknown (62-210-129-207.rev.poneytelecom.eu): 4 Time(s)
unknown (ns341006.ip-176-31-250.eu): 4 Time(s)
root (206.189.39.183): 3 Time(s)
root (223.83.155.77): 3 Time(s)
root (ns388913.ip-176-31-100.eu): 3 Time(s)
unknown (180.168.156.210): 3 Time(s)
unknown (193.32.163.182): 3 Time(s)
unknown (222.122.94.10): 3 Time(s)
unknown (223.83.155.77): 3 Time(s)
mysql (213.148.213.99): 2 Time(s)
root (129.211.117.47): 2 Time(s)
root (168-128-13-252-eu.mcp-services.net): 2 Time(s)
root (195.222.163.54): 2 Time(s)
root (207.154.245.200): 2 Time(s)
root (213.148.213.99): 2 Time(s)
root (218.92.0.181): 2 Time(s)
unknown (92.63.194.26): 2 Time(s)
unknown (95.249.81.207): 2 Time(s)
backup (161-115-132-5.ftth.glasoperator.nl): 1 Time(s)
backup (60.11.113.212): 1 Time(s)
bin (157.230.94.157): 1 Time(s)
games (195.222.163.54): 1 Time(s)
games (60.11.113.212): 1 Time(s)
gnats (107.13.186.21): 1 Time(s)
irc (60.11.113.212): 1 Time(s)
mail (195.29.105.125): 1 Time(s)
mysql (121.12.151.250): 1 Time(s)
mysql (157.230.94.157): 1 Time(s)
mysql (220-244-98-26.static.tpgi.com.au): 1 Time(s)
mysql (60.29.241.2): 1 Time(s)
news (207.154.245.200): 1 Time(s)
postgres (161-115-132-5.ftth.glasoperator.nl): 1 Time(s)
postgres (220-244-98-26.static.tpgi.com.au): 1 Time(s)
postgres (60.11.113.212): 1 Time(s)
postgres (ip-138.net-89-2-157.rev.numericable.fr): 1 Time(s)
postgres (ti0034a400-1616.bb.online.no): 1 Time(s)
proxy (46.105.244.1): 1 Time(s)
root (103.17.55.200): 1 Time(s)
root (106.12.181.34): 1 Time(s)
root (106.53.94.190): 1 Time(s)
root (108.ip-51-83-72.eu): 1 Time(s)
root (121.122.141.49): 1 Time(s)
root (128.199.129.68): 1 Time(s)
root (148.70.11.143): 1 Time(s)
root (157.230.94.157): 1 Time(s)
root (178.62.33.38): 1 Time(s)
root (180.168.156.210): 1 Time(s)
root (180.ip-51-89-148.eu): 1 Time(s)
root (212.136.68.34.bc.googleusercontent.com): 1 Time(s)
root (231.red-80-58-157.staticip.rima-tde.net): 1 Time(s)
root (27.111.83.239): 1 Time(s)
root (60.11.113.212): 1 Time(s)
root (60.29.241.2): 1 Time(s)
root (62-210-129-207.rev.poneytelecom.eu): 1 Time(s)
root (82.209.207.189.ripe.vitebsk.by): 1 Time(s)
root (c-67-184-64-224.hsd1.il.comcast.net): 1 Time(s)
root (es20.homesyspro.com): 1 Time(s)
root (malta2144.dedicatedpanel.com): 1 Time(s)
root (s0106ac202e1dbfb3.va.shawcable.net): 1 Time(s)
sshd (212.136.68.34.bc.googleusercontent.com): 1 Time(s)
sshd (62.234.109.155): 1 Time(s)
sshd (ip-138.net-89-2-157.rev.numericable.fr): 1 Time(s)
sync (62.234.109.155): 1 Time(s)
temp (121.122.141.49): 1 Time(s)
temp (148.70.62.12): 1 Time(s)
temp (206.189.39.183): 1 Time(s)
temp (213.148.213.99): 1 Time(s)
temp (220-244-98-26.static.tpgi.com.au): 1 Time(s)
temp (60.11.113.212): 1 Time(s)
temp (62.234.109.155): 1 Time(s)
unknown (103.94.5.42): 1 Time(s)
unknown (109.234.125.2): 1 Time(s)
unknown (110.164.205.133): 1 Time(s)
unknown (115.254.63.52): 1 Time(s)
unknown (116.red-83-48-29.staticip.rima-tde.net): 1 Time(s)
unknown (118.200.41.3): 1 Time(s)
unknown (123.20.115.105): 1 Time(s)
unknown (123.207.99.21): 1 Time(s)
unknown (1280.hostserv.eu): 1 Time(s)
unknown (14.207.43.144): 1 Time(s)
unknown (140.ip-193-70-37.eu): 1 Time(s)
unknown (150-tilogmed-147.reizigersvilla.nl): 1 Time(s)
unknown (177.37.77.64): 1 Time(s)
unknown (188.165.164.234): 1 Time(s)
unknown (193.192.48.70): 1 Time(s)
unknown (211.252.19.254): 1 Time(s)
unknown (40.112.248.127): 1 Time(s)
unknown (42.159.5.98): 1 Time(s)
unknown (46.pool85-57-27.dynamic.orange.es): 1 Time(s)
unknown (49.83.169.172): 1 Time(s)
unknown (70.ip-79-137-35.eu): 1 Time(s)
unknown (91.241.59.25): 1 Time(s)
unknown (decker-dent.de): 1 Time(s)
unknown (ds62-138-144-36.dedicated.hosteurope.de): 1 Time(s)
unknown (ip-148-72-208-74.ip.secureserver.net): 1 Time(s)
unknown (mail.facturacionchile.cl): 1 Time(s)
unknown (profoto.by): 1 Time(s)
unknown (server1.wili.de): 1 Time(s)
unknown (static.161.22.203.116.clients.your-server.de): 1 Time(s)
unknown (wodrd.home.net.pl): 1 Time(s)
uucp (60.29.241.2): 1 Time(s)
www-data (142.93.201.168): 1 Time(s)
www-data (198.144.184.34): 1 Time(s)
www-data (60.11.113.212): 1 Time(s)
Invalid Users:
Unknown Account: 1645 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
9 Miscellaneous warnings
14.814K Bytes accepted 15,170
14.814K Bytes sent via SMTP 15,170
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
53 Connections
14 Connections lost (inbound)
53 Disconnections
1 Removed from queue
1 Sent via SMTP
3 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Network Read Write Errors: 1
Disconnecting after too many authentication failures for user:
invalid : 3 Time(s)
root : 3 Time(s)
Failed logins from:
5.132.115.161 (161-115-132-5.ftth.glasoperator.nl): 2 times
27.111.83.239 (server-x.ipv4.hkg02.ds.network): 1 time
34.68.136.212 (212.136.68.34.bc.googleusercontent.com): 2 times
46.105.244.1: 1 time
49.88.112.54: 6 times
50.67.178.164 (S0106ac202e1dbfb3.va.shawcable.net): 1 time
51.83.72.108 (108.ip-51-83-72.eu): 1 time
51.89.148.180 (180.ip-51-89-148.eu): 1 time
60.11.113.212: 7 times
60.29.241.2: 3 times
62.210.129.207 (62-210-129-207.rev.poneytelecom.eu): 1 time
62.234.109.155: 7 times
67.184.64.224 (c-67-184-64-224.hsd1.il.comcast.net): 1 time
80.58.157.231 (231.red-80-58-157.staticip.rima-tde.net): 1 time
82.209.207.189 (82.209.207.189.ripe.vitebsk.by): 1 time
85.25.185.122 (malta2144.dedicatedpanel.com): 1 time
85.167.33.87 (ti0034a400-1616.bb.online.no): 1 time
89.2.157.138 (ip-138.net-89-2-157.rev.numericable.fr): 2 times
103.17.55.200: 1 time
106.12.181.34: 1 time
106.53.94.190: 1 time
107.13.186.21 (mta-107-13-186-21.nc.rr.com): 1 time
112.85.42.177: 6 times
121.12.151.250: 5 times
121.122.141.49: 2 times
128.199.129.68: 1 time
129.211.117.47: 2 times
142.93.201.168 (209060.cloudwaysapps.com): 1 time
148.70.11.143: 1 time
148.70.62.12: 7 times
157.230.94.157: 3 times
168.128.13.252 (168-128-13-252-eu.mcp-services.net): 2 times
176.31.100.19 (ns388913.ip-176-31-100.eu): 3 times
178.62.33.38: 1 time
180.168.156.210: 1 time
195.29.105.125: 1 time
195.222.163.54: 3 times
198.144.184.34 (198-144-184-34-host.colocrossing.com): 1 time
206.189.39.183 (royalshopwise.com): 4 times
207.154.245.200: 3 times
212.129.52.3 (es20.homesyspro.com): 1 time
213.148.213.99 (ftth-213-148-213-99.fibracat.cat): 5 times
218.92.0.163: 6 times
218.92.0.181: 6 times
220.244.98.26 (220-244-98-26.static.tpgi.com.au): 3 times
223.83.155.77: 3 times
Illegal users from:
undef: 1211 times
5.132.115.161 (161-115-132-5.ftth.glasoperator.nl): 61 times
14.207.43.144 (mx-ll-14.207.43-144.dynamic.3bb.in.th): 1 time
27.111.83.239 (server-x.ipv4.hkg02.ds.network): 18 times
34.68.136.212 (212.136.68.34.bc.googleusercontent.com): 57 times
37.228.139.235 (37.228.139.235.pol.ir): 6 times
40.112.248.127: 1 time
42.159.5.98: 1 time
46.105.244.1: 10 times
49.83.169.172: 5 times
50.67.178.164 (S0106ac202e1dbfb3.va.shawcable.net): 22 times
51.83.72.108 (108.ip-51-83-72.eu): 62 times
51.89.148.180 (180.ip-51-89-148.eu): 8 times
59.148.43.97 (059148043097.ctinets.com): 6 times
60.11.113.212: 59 times
60.29.241.2: 4 times
62.75.150.104 (decker-dent.de): 1 time
62.129.249.194 (wodrd.home.net.pl): 1 time
62.138.144.36 (ds62-138-144-36.dedicated.hosteurope.de): 1 time
62.210.129.207 (62-210-129-207.rev.poneytelecom.eu): 4 times
62.234.109.155: 56 times
77.93.33.212: 16 times
79.137.35.70 (70.ip-79-137-35.eu): 1 time
80.58.157.231 (231.red-80-58-157.staticip.rima-tde.net): 29 times
82.149.162.78 (mail2.bergschneider.de): 7 times
82.220.34.169 (1280.hostserv.eu): 1 time
83.48.29.116 (116.red-83-48-29.staticip.rima-tde.net): 1 time
85.57.27.46 (46.pool85-57-27.dynamic.orange.es): 1 time
85.167.33.87 (ti0034a400-1616.bb.online.no): 6 times
89.2.157.138 (ip-138.net-89-2-157.rev.numericable.fr): 26 times
91.241.59.25: 1 time
92.63.194.26: 2 times
95.249.81.207 (host207-81-dynamic.249-95-r.retail.telecomitalia.it): 2 times
103.17.55.200: 15 times
103.94.5.42: 1 time
103.115.227.18 (host-18.surakarta.go.id): 56 times
106.12.181.34: 52 times
107.13.186.21 (mta-107-13-186-21.nc.rr.com): 34 times
109.234.125.2 (2.125.234.109.in-addr.arpa): 1 time
110.164.205.133 (mx-ll-110.164.205-133.static.3bb.co.th): 1 time
111.230.241.245: 7 times
114.223.49.97 (97.49.223.114.broad.wx.js.dynamic.163data.com.cn): 6 times
115.254.63.52: 1 time
116.203.22.161 (static.161.22.203.116.clients.your-server.de): 1 time
118.200.41.3 (bb118-200-41-3.singnet.com.sg): 1 time
119.81.240.155 (mail.matrixlink.net): 10 times
121.12.151.250: 60 times
121.122.141.49: 47 times
123.20.115.105: 1 time
123.207.99.21: 1 time
129.211.117.47: 43 times
139.162.122.110 (scan-8.security.ipip.net): 1 time
142.93.201.168 (209060.cloudwaysapps.com): 40 times
148.70.11.143: 4 times
148.70.62.12: 55 times
148.72.208.74 (ip-148-72-208-74.ip.secureserver.net): 1 time
157.230.94.157: 61 times
168.128.13.252 (168-128-13-252-eu.mcp-services.net): 53 times
176.31.100.19 (ns388913.ip-176-31-100.eu): 40 times
176.31.250.160 (ns341006.ip-176-31-250.eu): 4 times
177.37.77.64 (177-37-77-64.ultrat.com.br): 1 time
177.47.18.50 (50.18.47.177.static.sp2.alog.com.br): 75 times
178.62.33.38: 33 times
178.124.140.227 (profoto.by): 1 time
180.126.218.124: 6 times
180.168.156.210: 3 times
185.147.80.150 (150-tilogmed-147.reizigersvilla.nl): 1 time
188.165.164.234: 1 time
190.13.128.146 (mail.facturacionchile.cl): 1 time
191.184.203.71 (bfb8cb47.virtua.com.br): 67 times
193.32.163.182 (hosting-by.cloud-home.me): 3 times
193.70.37.140 (140.ip-193-70-37.eu): 1 time
193.192.48.70 (b1.asp.bg): 1 time
195.29.105.125: 7 times
195.167.213.251 (server1.wili.de): 1 time
195.222.163.54: 61 times
198.144.184.34 (198-144-184-34-host.colocrossing.com): 21 times
206.189.39.183 (royalshopwise.com): 62 times
207.154.245.200: 59 times
211.252.19.254: 1 time
212.129.52.3 (es20.homesyspro.com): 61 times
213.146.203.200: 16 times
213.148.213.99 (ftth-213-148-213-99.fibracat.cat): 40 times
220.244.98.26 (220-244-98-26.static.tpgi.com.au): 43 times
222.122.94.10: 3 times
223.83.155.77: 3 times
**Unmatched Entries**
fatal: no matching cipher found: client
aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none
server
aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
[preauth] : 6 time(s)
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) ->
(user,ssh-connection) [preauth] : 2 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 242G 159G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2214
days inactive
2214
days old
0 comments
1 participants
participants (1)
-
root@zapf.in