################### Logwatch 7.4.0 (03/01/11) ####################
Processing Initiated: Mon Mar 4 04:42:03 2024
Date Range Processed: yesterday
( 2024-Mar-03 )
Period is day.
Detail Level of Output: 0
Type of Output/Format: mail / text
Logfiles for Host: h2361197.stratoserver.net
##################################################################
--------------------- fail2ban-messages Begin ------------------------
Banned services with Fail2Ban: Bans:Unbans
ssh: [ 50:48 ]
---------------------- fail2ban-messages End -------------------------
--------------------- httpd Begin ------------------------
Connection attempts using mod_proxy:
90.151.171.106 -> eth0.me:443: 1 Time(s)
A total of 8 sites probed the server
Requests with error response codes
400 Bad Request
null: 10 Time(s)
/: 9 Time(s)
mstshash=Administr: 6 Time(s)
1,: 4 Time(s)
(Windows: 2 Time(s)
*: 2 Time(s)
stager64: 2 Time(s)
/.env: 1 Time(s)
/favicon.ico: 1 Time(s)
7: 1 Time(s)
8qP\x07\xE1+\x99t\xE3\xC0@\x8E\x926h\xAD#\ ... #\xC0'\x00g\xC0: 1 Time(s)
HTTP/1.0: 1 Time(s)
\x00\x00BBBB\xBA\x8C\xC1\xABDAAA: 1 Time(s)
\x12ky\x18\x22i\xB6z\x8A,\xD7\xB3\x98n\xBD ... x01\x9E\x88\xFC: 1 Time(s)
\xC0/\xC00\xC0+\xC0,\xCC\xA8\xCC\xA9\xC0\x ... x09\xC0\x14\xC0: 1 Time(s)
eth0.me:443: 1 Time(s)
http://eth0.me?Z72378600731Q1: 1 Time(s)
500 Internal Server Error
/: 19 Time(s)
/.env: 3 Time(s)
/.git/config: 1 Time(s)
/?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
/SiteLoader: 1 Time(s)
/WuEL: 1 Time(s)
/a: 1 Time(s)
/actuator/gateway/routes: 1 Time(s)
/autodiscover/autodiscover.json?@zdi/Powershell: 1 Time(s)
/cgi-bin/login: 1 Time(s)
/download/file.ext: 1 Time(s)
/ecp/Current/exporttool/microsoft.exchange ... ool.application: 1 Time(s)
/favicon.ico: 1 Time(s)
/geoserver/web/: 1 Time(s)
/mPlayer: 1 Time(s)
/webui/: 1 Time(s)
502 Bad Gateway
/DJN1EHJMQt-tpE1lNqpnaw/pdf: 1 Time(s)
/Reso_DigitalePruefungen/pdf: 1 Time(s)
/bibundlern/pdf: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
unknown (165.22.245.164): 220 Time(s)
root (93-178-173-89-dynamic.dk.customer.tdc.net): 49 Time(s)
root (165.22.245.164): 26 Time(s)
root (218.92.0.28): 18 Time(s)
root (218.92.0.33): 18 Time(s)
root (218.92.0.40): 18 Time(s)
root (218.92.0.47): 18 Time(s)
unknown (164.92.133.216): 17 Time(s)
root (218.92.0.43): 12 Time(s)
root (218.92.0.52): 12 Time(s)
root (218.92.0.55): 12 Time(s)
unknown (68.183.94.254): 11 Time(s)
unknown (62.122.184.252): 7 Time(s)
root (110.42.248.198): 6 Time(s)
root (121.183.20.170): 6 Time(s)
root (124244049012.ctinets.com): 6 Time(s)
root (164.92.133.216): 6 Time(s)
root (218.158.22.6): 6 Time(s)
root (218.92.0.51): 6 Time(s)
root (218.92.0.53): 6 Time(s)
root (218.92.0.59): 6 Time(s)
root (220.77.4.105): 6 Time(s)
root (91.205.145.30): 6 Time(s)
root (a114143.upc-a.chello.nl): 6 Time(s)
root (c-185-45-239-65.customer.ggaweb.ch): 6 Time(s)
unknown (185.11.61.88): 6 Time(s)
unknown (221.165.136.172): 6 Time(s)
root (68.183.94.254): 3 Time(s)
unknown (185.196.8.151): 3 Time(s)
unknown (2.57.122.127): 3 Time(s)
unknown (host-79-26-48-178.retail.telecomitalia.it): 2 Time(s)
mysql (165.22.245.164): 1 Time(s)
postgres (164.92.133.216): 1 Time(s)
root (118.145.151.164): 1 Time(s)
root (host-79-26-48-178.retail.telecomitalia.it): 1 Time(s)
unknown (61.74.14.153): 1 Time(s)
Invalid Users:
Unknown Account: 280 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
10.173K Bytes accepted 10,417
663 Bytes sent via SMTP 663
======== ==================================================
2 Accepted 100.00%
-------- --------------------------------------------------
2 Total 100.00%
======== ==================================================
2 4xx Reject relay denied 100.00%
-------- --------------------------------------------------
2 Total 4xx Rejects 100.00%
======== ==================================================
117 Connections
8 Connections lost (inbound)
117 Disconnections
2 Removed from queue
2 Sent via SMTP
2 SMTP dialog errors
1 Hostname verification errors (FCRDNS)
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: mailman.gz (1747199807)
Warning: Large mailbox: mailman (235703599967)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
invalid : 1 Time(s)
root : 28 Time(s)
Failed logins from:
62.163.114.143 (a114143.upc-a.chello.nl): 6 times
68.183.94.254: 3 times
79.26.48.178 (host-79-26-48-178.retail.telecomitalia.it): 1 time
91.205.145.30 (vpn.as47923.lancraft.pro): 6 times
93.178.173.89 (93-178-173-89-dynamic.dk.customer.tdc.net): 49 times
110.42.248.198: 6 times
118.145.151.164: 1 time
121.183.20.170: 6 times
124.244.49.12 (124244049012.ctinets.com): 6 times
164.92.133.216: 7 times
165.22.245.164: 27 times
185.45.239.65 (c-185-45-239-65.customer.ggaweb.ch): 6 times
218.92.0.28: 18 times
218.92.0.33: 18 times
218.92.0.40: 18 times
218.92.0.43: 12 times
218.92.0.47: 18 times
218.92.0.51: 6 times
218.92.0.52: 12 times
218.92.0.53: 6 times
218.92.0.55: 12 times
218.92.0.59: 6 times
218.158.22.6: 6 times
220.77.4.105: 6 times
Illegal users from:
2001:470:1:c84::18 (scan-08o.shadowserver.org): 1 time
undef: 167 times
2.57.122.127: 3 times
61.74.14.153: 5 times
62.122.184.252: 7 times
65.49.1.54 (scan-55c.shadowserver.org): 1 time
68.183.94.254: 11 times
79.26.48.178 (host-79-26-48-178.retail.telecomitalia.it): 3 times
93.178.173.89 (93-178-173-89-dynamic.dk.customer.tdc.net): 19 times
110.42.200.114: 1 time
164.92.133.216: 18 times
165.22.245.164: 220 times
178.88.167.38 (mail.rokor.kz): 6 times
185.11.61.88: 6 times
185.196.8.151: 3 times
221.165.136.172: 6 times
**Unmatched Entries**
fatal: buffer_get_string: buffer error [preauth] : 2 time(s)
error: buffer_get_string_ret: incomplete message [preauth] : 2 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/ploop59766p1 394G 243G 132G 65% /
none 4.0G 0 4.0G 0% /dev
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################