04:42
################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Sun Sep 22 04:42:15 2019
Date Range Processed: yesterday
( 2019-Sep-21 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [445:446]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Requests with error response codes
400 Bad Request
../../mnt/custom/ProductDefinition: 4 Time(s)
mstshash=Administr: 3 Time(s)
/: 2 Time(s)
7: 1 Time(s)
404 Not Found
/robots.txt: 32 Time(s)
/berlin/apple-touch-icon.png: 8 Time(s)
/wp-login.php: 3 Time(s)
/2019/wp-login.php: 1 Time(s)
/berlin/exkursionen/apple-touch-icon.png: 1 Time(s)
/berlin/orientierung/apple-touch-icon.png: 1 Time(s)
/blog/wp-login.php: 1 Time(s)
/reader/2016_sose_konstanz_lang.pdf: 1 Time(s)
/resolutionen/sose17/gesellschaftlich_vera ... wantwortung.pdf: 1 Time(s)
/sites/default/files/2004_WiSe_Hamburg.pdf: 1 Time(s)
/sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s)
/test/wp-login.php: 1 Time(s)
/wordpress/wp-login.php: 1 Time(s)
/wp/wp-login.php: 1 Time(s)
/zapf/reader/%7CTagungsreader: 1 Time(s)
500 Internal Server Error
/: 86 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
unknown (93.95.56.130): 96 Time(s)
unknown (173.248.242.25): 90 Time(s)
unknown (122.161.192.206): 88 Time(s)
unknown (177.73.140.66): 78 Time(s)
unknown (6.ip-51-254-205.eu): 73 Time(s)
unknown (101.68.70.14): 71 Time(s)
unknown (159.65.155.227): 66 Time(s)
unknown (ns3026767.ip-94-23-215.eu): 63 Time(s)
unknown (206.81.18.66): 62 Time(s)
unknown (243.ip-37-59-99.eu): 62 Time(s)
unknown (78.101.164.87): 62 Time(s)
unknown (115.159.214.247): 61 Time(s)
unknown (147.red-83-48-89.staticip.rima-tde.net): 61 Time(s)
unknown (154.8.232.205): 61 Time(s)
unknown (45.80.65.35): 61 Time(s)
unknown (142.93.232.222): 60 Time(s)
unknown (159.89.174.192): 60 Time(s)
unknown (94.6.219.175): 60 Time(s)
unknown (146.0.209.72): 58 Time(s)
unknown (41.76.169.43): 56 Time(s)
unknown (93.189.149.248): 56 Time(s)
unknown (83.167.87.198): 53 Time(s)
unknown (182.76.158.114): 52 Time(s)
unknown (140.143.206.137): 49 Time(s)
unknown (211.144.114.26): 48 Time(s)
unknown (94.231.120.189): 47 Time(s)
unknown (106.12.198.232): 44 Time(s)
unknown (62.4.23.104): 39 Time(s)
unknown (66.ip-54-37-68.eu): 39 Time(s)
unknown (static-94-247-216-178.glattnet.ch): 38 Time(s)
unknown (160.ip-51-83-73.eu): 36 Time(s)
unknown (129.211.10.228): 34 Time(s)
unknown (59.41.158.194): 29 Time(s)
unknown (pc-29-116-101-190.cm.vtr.net): 27 Time(s)
unknown (79.119.105.189): 21 Time(s)
unknown (62.234.154.64): 19 Time(s)
unknown (162.ip-37-187-192.eu): 17 Time(s)
unknown (129.213.100.212): 16 Time(s)
unknown (179.108.105.151): 16 Time(s)
unknown (212.64.94.179): 16 Time(s)
unknown (95-28-18-56.broadband.corbina.ru): 16 Time(s)
unknown (49.235.36.51): 15 Time(s)
unknown (mgt.pnu.ac.th): 12 Time(s)
unknown (legolas.kodewave.com): 11 Time(s)
unknown (178.128.107.61): 8 Time(s)
root (112.85.42.180): 6 Time(s)
root (122.161.192.206): 6 Time(s)
root (218.92.0.182): 6 Time(s)
root (218.92.0.193): 6 Time(s)
root (221.231.95.45): 6 Time(s)
root (27.210.143.2): 6 Time(s)
unknown (109.133.164.224): 6 Time(s)
unknown (61.183.35.44): 6 Time(s)
root (159.89.174.192): 5 Time(s)
unknown (121.130.93.250): 5 Time(s)
root (154.8.232.205): 4 Time(s)
root (173.248.242.25): 4 Time(s)
root (182.76.158.114): 4 Time(s)
root (243.ip-37-59-99.eu): 4 Time(s)
root (6.ip-51-254-205.eu): 4 Time(s)
root (pc-29-116-101-190.cm.vtr.net): 4 Time(s)
unknown (121.136.167.50): 4 Time(s)
root (106.12.198.232): 3 Time(s)
root (140.143.206.137): 3 Time(s)
root (146.0.209.72): 3 Time(s)
root (212.64.94.179): 3 Time(s)
root (94.6.219.175): 3 Time(s)
unknown (193.32.163.182): 3 Time(s)
unknown (95.58.194.141): 3 Time(s)
unknown (ool-addccea2.static.optonline.net): 3 Time(s)
root (101.68.70.14): 2 Time(s)
root (142.93.232.222): 2 Time(s)
root (179.108.105.151): 2 Time(s)
root (211.144.114.26): 2 Time(s)
root (41.76.169.43): 2 Time(s)
root (45.80.65.35): 2 Time(s)
root (59.41.158.194): 2 Time(s)
root (62.4.23.104): 2 Time(s)
root (66.ip-54-37-68.eu): 2 Time(s)
root (93.95.56.130): 2 Time(s)
root (ns3026767.ip-94-23-215.eu): 2 Time(s)
temp (129.211.10.228): 2 Time(s)
unknown (130.61.122.5): 2 Time(s)
unknown (207.237.204.11): 2 Time(s)
unknown (92.63.194.26): 2 Time(s)
unknown (host-177-185-219-7.globonet.net.br): 2 Time(s)
unknown (ool-2f168746.static.optonline.net): 2 Time(s)
backup (182.76.158.114): 1 Time(s)
backup (243.ip-37-59-99.eu): 1 Time(s)
backup (62.234.154.64): 1 Time(s)
bin (212.64.94.179): 1 Time(s)
daemon (177.73.140.66): 1 Time(s)
games (62.4.23.104): 1 Time(s)
gnats (162.ip-37-187-192.eu): 1 Time(s)
mail (212.64.94.179): 1 Time(s)
mailman (122.161.192.206): 1 Time(s)
mysql (101.68.70.14): 1 Time(s)
mysql (140.143.206.137): 1 Time(s)
mysql (146.0.209.72): 1 Time(s)
mysql (177.73.140.66): 1 Time(s)
mysql (182.76.158.114): 1 Time(s)
nobody (122.161.192.206): 1 Time(s)
nobody (94.6.219.175): 1 Time(s)
postgres (112.112.7.202): 1 Time(s)
postgres (146.0.209.72): 1 Time(s)
postgres (62.4.23.104): 1 Time(s)
postgres (95-28-18-56.broadband.corbina.ru): 1 Time(s)
proxy (173.248.242.25): 1 Time(s)
root (129.211.10.228): 1 Time(s)
root (129.213.100.212): 1 Time(s)
root (162.ip-37-187-192.eu): 1 Time(s)
root (206.81.18.66): 1 Time(s)
root (61.183.35.44): 1 Time(s)
root (78.101.164.87): 1 Time(s)
root (79.119.105.189): 1 Time(s)
root (83.167.87.198): 1 Time(s)
root (94.231.120.189): 1 Time(s)
root (95-28-18-56.broadband.corbina.ru): 1 Time(s)
root (static-100-37-253-46.nycmny.fios.verizon.net): 1 Time(s)
root (static-94-247-216-178.glattnet.ch): 1 Time(s)
smmsp (101.68.70.14): 1 Time(s)
sshd (179.108.105.151): 1 Time(s)
sshd (243.ip-37-59-99.eu): 1 Time(s)
sshd (45.80.65.35): 1 Time(s)
sync (154.8.232.205): 1 Time(s)
temp (142.93.232.222): 1 Time(s)
temp (154.8.232.205): 1 Time(s)
temp (211.144.114.26): 1 Time(s)
temp (42.104.97.228): 1 Time(s)
temp (static-94-247-216-178.glattnet.ch): 1 Time(s)
unknown (109.86.184.239): 1 Time(s)
unknown (119.ip-51-83-76.eu): 1 Time(s)
unknown (128.199.173.127): 1 Time(s)
unknown (142.93.117.249): 1 Time(s)
unknown (156.202.20.94): 1 Time(s)
unknown (178.128.144.227): 1 Time(s)
unknown (187-162-137-19.static.axtel.net): 1 Time(s)
unknown (203.110.166.51): 1 Time(s)
unknown (51.15.182.231): 1 Time(s)
unknown (77.139.0.204): 1 Time(s)
unknown (80.211.113.144): 1 Time(s)
unknown (82.209.235.178): 1 Time(s)
unknown (88.198.43.229): 1 Time(s)
unknown (91.126.53.221): 1 Time(s)
unknown (mail.digitalindulgences.com): 1 Time(s)
unknown (mx-ll-183.89.226-153.dynamic.3bb.co.th): 1 Time(s)
unknown (static-100-37-253-46.nycmny.fios.verizon.net): 1 Time(s)
uucp (154.8.232.205): 1 Time(s)
uucp (62.234.154.64): 1 Time(s)
www-data (115.159.214.247): 1 Time(s)
www-data (206.81.18.66): 1 Time(s)
Invalid Users:
Unknown Account: 2164 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
105 Miscellaneous warnings
21.533K Bytes accepted 22,050
21.533K Bytes sent via SMTP 22,050
======== ==================================================
1 Accepted 100.00%
-------- --------------------------------------------------
1 Total 100.00%
======== ==================================================
6 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
6 Total 4xx Rejects 100.00%
======== ==================================================
235 Connections
138 Connections lost (inbound)
235 Disconnections
1 Removed from queue
1 Sent via SMTP
3 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End
-------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
root : 5 Time(s)
Failed logins from:
27.210.143.2: 6 times
37.59.99.243 (243.ip-37-59-99.eu): 6 times
37.187.192.162 (162.ip-37-187-192.eu): 2 times
41.76.169.43: 2 times
42.104.97.228: 1 time
45.80.65.35: 3 times
51.254.205.6 (6.ip-51-254-205.eu): 4 times
54.37.68.66 (66.ip-54-37-68.eu): 2 times
59.41.158.194: 2 times
61.183.35.44: 1 time
62.4.23.104: 4 times
62.234.154.64: 2 times
78.101.164.87: 1 time
79.119.105.189 (79-119-105-189.rdsnet.ro): 1 time
83.167.87.198: 1 time
93.95.56.130: 2 times
94.6.219.175 (5e06dbaf.bb.sky.com): 4 times
94.23.215.90 (ns3026767.ip-94-23-215.eu): 2 times
94.231.120.189 (dhcp-dynamic-94-231-120-189.broadband.nlink.ru): 1 time
94.247.216.178 (static-94-247-216-178.glattnet.ch): 2 times
95.28.18.56 (95-28-18-56.broadband.corbina.ru): 2 times
100.37.253.46 (static-100-37-253-46.nycmny.fios.verizon.net): 1 time
101.68.70.14: 4 times
106.12.198.232: 3 times
112.85.42.180: 6 times
112.112.7.202: 1 time
115.159.214.247: 1 time
122.161.192.206 (abts-north-static-206.192.161.122-airtelbroadband.in): 8 times
129.211.10.228: 3 times
129.213.100.212: 1 time
140.143.206.137: 4 times
142.93.232.222: 3 times
146.0.209.72: 5 times
154.8.232.205: 7 times
159.89.174.192: 5 times
173.248.242.25 (173-248-242-025.static.imsbiz.com): 5 times
177.73.140.66: 2 times
179.108.105.151 (static-179-108-105-151.optitel.net.br): 3 times
182.76.158.114 (nsg-static-114.158.76.182-airtel.com): 6 times
190.101.116.29 (pc-29-116-101-190.cm.vtr.net): 4 times
206.81.18.66: 2 times
211.144.114.26: 3 times
212.64.94.179: 5 times
218.92.0.182: 6 times
218.92.0.193: 6 times
221.231.95.45: 6 times
Illegal users from:
undef: 1534 times
37.59.99.243 (243.ip-37-59-99.eu): 62 times
37.187.192.162 (162.ip-37-187-192.eu): 17 times
41.76.169.43: 56 times
45.80.65.35: 61 times
47.22.135.70 (ool-2f168746.static.optonline.net): 2 times
49.235.36.51: 15 times
51.15.182.231 (51-15-182-231.rev.poneytelecom.eu): 1 time
51.83.73.160 (160.ip-51-83-73.eu): 36 times
51.83.76.119 (119.ip-51-83-76.eu): 1 time
51.254.205.6 (6.ip-51-254-205.eu): 73 times
54.37.68.66 (66.ip-54-37-68.eu): 39 times
59.41.158.194: 29 times
61.183.35.44: 6 times
62.4.23.104: 39 times
62.234.154.64: 19 times
77.139.0.204: 1 time
78.101.164.87: 62 times
79.119.105.189 (79-119-105-189.rdsnet.ro): 21 times
80.211.113.144 (host144-113-211-80.serverdedicati.aruba.it): 1 time
82.209.235.178: 1 time
83.48.89.147 (147.red-83-48-89.staticip.rima-tde.net): 61 times
83.167.87.198: 53 times
88.198.43.229 (crabhost.ru): 1 time
91.126.53.221 (cli-5b7e35dd.wholesale.adamo.es): 1 time
92.63.194.26: 2 times
93.95.56.130: 96 times
93.189.149.248 (host-149-248.iqdata.center): 56 times
94.6.219.175 (5e06dbaf.bb.sky.com): 60 times
94.23.215.90 (ns3026767.ip-94-23-215.eu): 63 times
94.231.120.189 (dhcp-dynamic-94-231-120-189.broadband.nlink.ru): 47 times
94.247.216.178 (static-94-247-216-178.glattnet.ch): 38 times
95.28.18.56 (95-28-18-56.broadband.corbina.ru): 16 times
95.58.194.141 (95.58.194.141.megaline.telecom.kz): 3 times
100.37.253.46 (static-100-37-253-46.nycmny.fios.verizon.net): 1 time
101.68.70.14: 71 times
104.248.150.150 (legolas.kodewave.com): 11 times
106.12.198.232: 44 times
109.86.184.239 (239.184.86.109.triolan.net): 1 time
109.133.164.224 (224.164-133-109.adsl-dyn.isp.belgacom.be): 6 times
115.159.214.247: 61 times
121.130.93.250: 5 times
121.136.167.50: 4 times
122.161.192.206 (abts-north-static-206.192.161.122-airtelbroadband.in): 88 times
128.199.173.127: 1 time
129.211.10.228: 34 times
129.213.100.212: 16 times
130.61.122.5: 2 times
139.162.122.110 (scan-8.security.ipip.net): 1 time
140.143.206.137: 49 times
142.93.117.249: 1 time
142.93.232.222: 60 times
146.0.209.72: 58 times
154.8.232.205: 61 times
156.202.20.94 (host-156.202.94.20-static.tedata.net): 1 time
157.230.6.42 (mail.digitalindulgences.com): 1 time
159.65.155.227: 66 times
159.89.174.192: 60 times
173.220.206.162 (ool-addccea2.static.optonline.net): 3 times
173.248.242.25 (173-248-242-025.static.imsbiz.com): 90 times
177.73.140.66: 78 times
177.185.219.7 (host-177-185-219-7.globonet.net.br): 2 times
178.128.107.61: 8 times
178.128.144.227: 1 time
179.108.105.151 (static-179-108-105-151.optitel.net.br): 16 times
182.76.158.114 (nsg-static-114.158.76.182-airtel.com): 52 times
183.89.226.153 (mx-ll-183.89.226-153.dynamic.3bb.co.th): 1 time
187.162.137.19 (187-162-137-19.static.axtel.net): 1 time
190.101.116.29 (pc-29-116-101-190.cm.vtr.net): 27 times
193.32.163.182 (hosting-by.cloud-home.me): 3 times
202.29.70.42 (mgt.pnu.ac.th): 12 times
203.110.166.51: 1 time
206.81.18.66: 62 times
207.237.204.11 (static.rcn.com): 2 times
211.144.114.26: 48 times
212.64.94.179: 16 times
**Unmatched Entries**
Disconnecting: Change of username or service not allowed: (admin,ssh-connection) ->
(user,ssh-connection) [preauth] : 3 time(s)
fatal: no matching cipher found: client
aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none
server
aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com
[preauth] : 3 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/vzfs 400G 242G 159G 61% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
2221
days inactive
2221
days old
0 comments
1 participants
participants (1)
-
root@zapf.in