################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Sat Dec 7 04:42:03 2019 Date Range Processed: yesterday ( 2019-Dec-06 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [280:281] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 5 sites probed the server 107.172.94.68 167.71.119.44 167.99.187.122 61.219.11.153 66.240.205.34 Requests with error response codes 400 Bad Request null: 8 Time(s) mstshash=Administr: 6 Time(s) /socket.io/?noteId=Dvll-V5GR7CGvuqIIyKt1g& ... 78z_wpZEZd8AAIJ: 3 Time(s) /: 1 Time(s) /setup.cgi?next_file=netgear.cfg&todo=sysc ... ntsetting.htm=1: 1 Time(s) \xB9\xDB\x0CEN#5h[\xE4\xC5\x16\xF7wBr=\xB1: 1 Time(s) 403 Forbidden /resolutionen/: 1 Time(s) /resolutionen/sose17/gesellschaftlich_verantwortung/: 1 Time(s) /resolutionen/wise17/Zwangsexmatrikulation/: 1 Time(s) 404 Not Found /robots.txt: 44 Time(s) /berlin/apple-touch-icon.png: 10 Time(s) /protokolle/Protokoll_MV_12.11.2016.pdf: 2 Time(s) /sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 2 Time(s) /home/zapf: 1 Time(s) /neuigkeiten/einladung-mgv-ss2011: 1 Time(s) /protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s) /user/login: 1 Time(s) /verein/satzung/%7CSatzung: 1 Time(s) /zapf/reader/2018_WiSe_Wuerzburg.pdf: 1 Time(s) 413 Request Entity Too Large /msdn.cpp: 1 Time(s) 499 (undefined) /apple-touch-icon.png: 6 Time(s) /build/font-pack.2c73dce02b1eaa3a3b4e.css: 3 Time(s) /favicon.png: 3 Time(s) /build/emojify.js/dist/css/basic/emojify.min.css: 2 Time(s) /build/index-styles-pack.2c73dce02b1eaa3a3b4e.css: 2 Time(s) /build/MathJax/jax/output/HTML-CSS/jax.js?V=2.7.1: 1 Time(s) /build/cover-styles-pack.2c73dce02b1eaa3a3b4e.css: 1 Time(s) /build/cover.2c73dce02b1eaa3a3b4e.css: 1 Time(s) /build/index.2c73dce02b1eaa3a3b4e.css: 1 Time(s) /fonts/SourceCodePro-Regular.woff: 1 Time(s) /fonts/SourceSansPro-Regular.woff: 1 Time(s) /socket.io/?noteId=Dvll-V5GR7CGvuqIIyKt1g& ... aEbj6Kbwm3XAAIQ: 1 Time(s) 500 Internal Server Error /: 143 Time(s) /upgrade.aspx?a1=a51599c6: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (222.186.169.192): 48 Time(s) root (112.85.42.178): 47 Time(s) root (218.92.0.175): 47 Time(s) root (218.92.0.182): 47 Time(s) root (222.186.173.142): 47 Time(s) root (222.186.175.182): 47 Time(s) root (218.92.0.170): 42 Time(s) root (222.186.169.194): 42 Time(s) root (222.186.173.183): 42 Time(s) root (222.186.175.161): 42 Time(s) root (222.186.180.6): 42 Time(s) root (222.186.180.8): 42 Time(s) root (222.186.175.150): 36 Time(s) root (222.186.175.169): 36 Time(s) root (222.186.175.181): 35 Time(s) root (222.186.175.151): 33 Time(s) root (222.186.180.9): 31 Time(s) root (112.85.42.177): 30 Time(s) root (218.92.0.158): 30 Time(s) root (218.92.0.181): 30 Time(s) root (222.186.175.140): 30 Time(s) root (222.186.175.163): 30 Time(s) root (222.186.175.220): 30 Time(s) root (222.186.42.4): 30 Time(s) root (49.88.112.58): 30 Time(s) root (218.92.0.135): 29 Time(s) root (222.186.190.92): 29 Time(s) root (222.186.173.226): 25 Time(s) root (112.85.42.171): 24 Time(s) root (218.92.0.141): 24 Time(s) root (218.92.0.193): 24 Time(s) root (222.186.173.180): 24 Time(s) root (222.186.175.147): 24 Time(s) root (222.186.175.148): 24 Time(s) root (222.186.175.155): 24 Time(s) root (222.186.175.215): 24 Time(s) root (222.186.175.217): 24 Time(s) root (222.186.180.17): 24 Time(s) root (222.186.180.223): 24 Time(s) root (218.92.0.155): 23 Time(s) root (222.186.175.183): 22 Time(s) root (112.85.42.175): 18 Time(s) root (112.85.42.180): 18 Time(s) root (112.85.42.182): 18 Time(s) root (218.92.0.145): 18 Time(s) root (218.92.0.178): 18 Time(s) root (218.92.0.212): 18 Time(s) root (222.186.173.154): 18 Time(s) root (222.186.175.167): 18 Time(s) root (222.186.175.202): 18 Time(s) root (222.186.175.216): 18 Time(s) root (49.88.112.55): 18 Time(s) root (61.177.172.128): 18 Time(s) root (218.92.0.179): 17 Time(s) root (222.186.180.147): 14 Time(s) root (112.85.42.176): 12 Time(s) root (218.92.0.134): 12 Time(s) root (218.92.0.139): 12 Time(s) root (222.186.173.215): 12 Time(s) root (222.186.173.238): 12 Time(s) root (222.186.175.154): 12 Time(s) root (222.186.180.41): 12 Time(s) root (222.186.190.2): 12 Time(s) root (218.92.0.131): 11 Time(s) root (112.85.42.173): 6 Time(s) root (112.85.42.179): 6 Time(s) root (218.92.0.148): 6 Time(s) root (218.92.0.176): 6 Time(s) root (222.186.175.212): 6 Time(s) root (broadband-37-110-104-212.ip.moscow.rt.ru): 6 Time(s) root (112.85.42.174): 5 Time(s) unknown (ip5b432bb6.dynamic.kabel-deutschland.de): 4 Time(s) unknown (nlcrpi8921.rit.edu): 4 Time(s) unknown (185.249.151.43): 2 Time(s) unknown (p5deb691e.dip0.t-ipconnect.de): 2 Time(s) postgres (121.142.111.114): 1 Time(s) postgres (179.108.126.114): 1 Time(s) root (122.51.23.79): 1 Time(s) root (45.55.157.147): 1 Time(s) root (49.15.237.253): 1 Time(s) unknown (103.41.24.45): 1 Time(s) unknown (106.13.37.61): 1 Time(s) unknown (110.77.246.237): 1 Time(s) unknown (117.211.50.171): 1 Time(s) unknown (117.215.8.144): 1 Time(s) unknown (120.85.207.67): 1 Time(s) unknown (121.142.111.114): 1 Time(s) unknown (123.20.50.69): 1 Time(s) unknown (125.165.63.62): 1 Time(s) unknown (138.197.105.79): 1 Time(s) unknown (197.232.56.157): 1 Time(s) unknown (36.66.156.125): 1 Time(s) unknown (39.41.34.22): 1 Time(s) unknown (39.62.163.21): 1 Time(s) unknown (45.123.92.113): 1 Time(s) unknown (45.249.82.227): 1 Time(s) unknown (89.189.154.66.dynamic.ufanet.ru): 1 Time(s) unknown (96.43.180.117): 1 Time(s) unknown (anon-61-239.vpn.ipredator.se): 1 Time(s) unknown (ip-104-238-116-19.ip.secureserver.net): 1 Time(s) unknown (mail.bidakarahotel.com): 1 Time(s) unknown (maildc1519218994.mihandns.com): 1 Time(s) unknown (ns3075683.ip-217-182-194.eu): 1 Time(s) Invalid Users: Unknown Account: 35 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 11 Miscellaneous warnings 14.748K Bytes accepted 15,102 14.748K Bytes sent via SMTP 15,102 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 2 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 2 Total 4xx Rejects 100.00% ======== ================================================== 80 Connections 74 Connections lost (inbound) 80 Disconnections 1 Removed from queue 1 Sent via SMTP 1 Timeouts (inbound) 8 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 288 Time(s) Failed logins from: 37.110.104.212 (broadband-37-110-104-212.ip.moscow.rt.ru): 6 times 45.55.157.147: 1 time 49.15.237.253: 1 time 49.88.112.55: 18 times 49.88.112.58: 30 times 61.177.172.128: 18 times 112.85.42.171: 24 times 112.85.42.173: 6 times 112.85.42.174: 5 times 112.85.42.175: 18 times 112.85.42.176: 12 times 112.85.42.177: 30 times 112.85.42.178: 47 times 112.85.42.179: 6 times 112.85.42.180: 18 times 112.85.42.182: 18 times 121.142.111.114: 1 time 122.51.23.79: 1 time 179.108.126.114 (static-179-108-126-114.optitel.net.br): 1 time 218.92.0.131: 11 times 218.92.0.134: 12 times 218.92.0.135: 29 times 218.92.0.139: 12 times 218.92.0.141: 24 times 218.92.0.145: 18 times 218.92.0.148: 6 times 218.92.0.155: 23 times 218.92.0.158: 30 times 218.92.0.170: 42 times 218.92.0.175: 47 times 218.92.0.176: 6 times 218.92.0.178: 18 times 218.92.0.179: 17 times 218.92.0.181: 30 times 218.92.0.182: 47 times 218.92.0.193: 24 times 218.92.0.212: 18 times 222.186.42.4: 30 times 222.186.169.192: 48 times 222.186.169.194: 42 times 222.186.173.142: 47 times 222.186.173.154: 18 times 222.186.173.180: 24 times 222.186.173.183: 42 times 222.186.173.215: 12 times 222.186.173.226: 27 times 222.186.173.238: 12 times 222.186.175.140: 30 times 222.186.175.147: 24 times 222.186.175.148: 24 times 222.186.175.150: 36 times 222.186.175.151: 36 times 222.186.175.154: 12 times 222.186.175.155: 24 times 222.186.175.161: 42 times 222.186.175.163: 30 times 222.186.175.167: 18 times 222.186.175.169: 36 times 222.186.175.181: 35 times 222.186.175.182: 47 times 222.186.175.183: 24 times 222.186.175.202: 18 times 222.186.175.212: 6 times 222.186.175.215: 24 times 222.186.175.216: 18 times 222.186.175.217: 24 times 222.186.175.220: 30 times 222.186.180.6: 42 times 222.186.180.8: 42 times 222.186.180.9: 31 times 222.186.180.17: 24 times 222.186.180.41: 12 times 222.186.180.147: 18 times 222.186.180.223: 24 times 222.186.190.2: 12 times 222.186.190.92: 29 times Illegal users from: undef: 19 times 36.66.156.125: 1 time 39.41.34.22: 1 time 39.62.163.21: 1 time 45.123.92.113 (45.123.92.113.soipl.co.in): 1 time 45.249.82.227 (node-45-249-82-227.alliancebroadband.in): 1 time 46.246.61.239 (anon-61-239.vpn.ipredator.se): 1 time 89.42.209.7 (maildc1519218994.mihandns.com): 1 time 89.189.154.66 (89.189.154.66.dynamic.ufanet.ru): 1 time 91.67.43.182 (ip5b432bb6.dynamic.kabel-deutschland.de): 4 times 93.235.105.30 (p5DEB691E.dip0.t-ipconnect.de): 2 times 96.43.180.117: 1 time 103.41.24.45 (45.24.41.103.netplus.co.in): 1 time 104.238.116.19 (ip-104-238-116-19.ip.secureserver.net): 1 time 106.13.37.61: 1 time 110.77.246.237: 1 time 117.211.50.171: 1 time 117.215.8.144: 1 time 120.85.207.67: 1 time 121.142.111.114: 1 time 123.20.50.69: 1 time 125.165.63.62: 1 time 129.21.67.167 (nlcrpi8921.rit.edu): 4 times 138.197.105.79: 1 time 182.16.179.70 (mail.bidakarahotel.com): 1 time 185.249.151.43: 2 times 197.232.56.157: 1 time 217.182.194.95 (ns3075683.ip-217-182-194.eu): 1 time **Unmatched Entries** error: Received disconnect from 141.98.10.39: 2: Handshake failed [preauth] : 1 time(s) fatal: no matching cipher found: client aes256-cbc,rijndael-cbc(a)lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 5 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################