################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Tue Feb 12 04:42:04 2019 Date Range Processed: yesterday ( 2019-Feb-11 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 5:5 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 2 sites probed the server 129.213.21.173 37.115.191.132 Requests with error response codes 400 Bad Request null: 3 Time(s) /: 1 Time(s) /robots.txt: 1 Time(s) http://179.34.176.53:8287/wdy07e260e: 1 Time(s) mstshash=Administr: 1 Time(s) 404 Not Found /robots.txt: 42 Time(s) /wp-login.php: 9 Time(s) /berlin/apple-touch-icon.png: 6 Time(s) /reader/2017_SoSe_Berlin_vorlaeufig.pdf: 3 Time(s) /adminer.php: 2 Time(s) //blog/wp-includes/wlwmanifest.xml: 1 Time(s) //cms/wp-includes/wlwmanifest.xml: 1 Time(s) //site/wp-includes/wlwmanifest.xml: 1 Time(s) //wordpress/wp-includes/wlwmanifest.xml: 1 Time(s) //wp-includes/wlwmanifest.xml: 1 Time(s) //wp/wp-includes/wlwmanifest.xml: 1 Time(s) //xmlrpc.php?rsd: 1 Time(s) /berlin/orientierung/apple-touch-icon.png: 1 Time(s) /favicon.ico: 1 Time(s) /neuigkeiten/einladung-zapf-ws2010: 1 Time(s) /node: 1 Time(s) /resolutionen/sose18/reso_ablaeufe_akkr.pdf: 1 Time(s) /resolutionen/sose18/reso_laender_akkr.pdf: 1 Time(s) /sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s) 500 Internal Server Error /: 6 Time(s) 502 Bad Gateway /: 24 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (118.36.32.51): 6 Time(s) root (123.118.107.15): 6 Time(s) root (223.19.178.156): 6 Time(s) unknown (113.195.116.179): 6 Time(s) unknown (14.44.97.171): 6 Time(s) unknown (41.ip-51-254-205.eu): 2 Time(s) unknown (ip565b429b.direct-adsl.nl): 2 Time(s) postgres (181.165.255.200): 1 Time(s) root (119.201.214.130): 1 Time(s) root (host81-136-189-195.in-addr.btopenworld.com): 1 Time(s) unknown (1.236.151.31): 1 Time(s) unknown (104.40.205.172): 1 Time(s) unknown (106.12.205.168): 1 Time(s) unknown (112.196.35.197): 1 Time(s) unknown (122.154.134.38): 1 Time(s) unknown (122.222.192.41.ap.gmobb-fix.jp): 1 Time(s) unknown (128.199.221.163): 1 Time(s) unknown (132.232.103.159): 1 Time(s) unknown (177.206.128.131): 1 Time(s) unknown (177.41.113.57.dynamic.adsl.gvt.net.br): 1 Time(s) unknown (185.244.25.227): 1 Time(s) unknown (188.166.237.191): 1 Time(s) unknown (197.248.62.114): 1 Time(s) unknown (200.69.250.253): 1 Time(s) unknown (203.190.53.10): 1 Time(s) unknown (210.183.236.30): 1 Time(s) unknown (213.8.182.122): 1 Time(s) unknown (36.67.59.193): 1 Time(s) unknown (88.214.26.49): 1 Time(s) unknown (espeed17-84.brunet.bn): 1 Time(s) unknown (host-109-89-36-91.dynamic.voo.be): 1 Time(s) unknown (ns3016508.ip-51-254-47.eu): 1 Time(s) Invalid Users: Unknown Account: 38 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 88 Miscellaneous warnings 8.333K Bytes accepted 8,533 8.333K Bytes sent via SMTP 8,533 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 3 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 3 Total 4xx Rejects 100.00% ======== ================================================== 269 Connections 193 Connections lost (inbound) 269 Disconnections 1 Removed from queue 1 Sent via SMTP 2 SMTP dialog errors ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 2 Time(s) root : 3 Time(s) Failed logins from: 81.136.189.195 (host81-136-189-195.in-addr.btopenworld.com): 1 time 118.36.32.51: 6 times 119.201.214.130: 1 time 123.118.107.15: 6 times 181.165.255.200 (200-255-165-181.fibertel.com.ar): 1 time 223.19.178.156 (156-178-19-223-on-nets.com): 6 times Illegal users from: undef: 19 times 1.236.151.31: 1 time 14.44.97.171: 6 times 36.67.59.193: 1 time 51.254.47.198 (ns3016508.ip-51-254-47.eu): 1 time 51.254.205.41 (41.ip-51-254-205.eu): 2 times 86.91.66.155 (ip565b429b.direct-adsl.nl): 2 times 88.214.26.49 (hostby.fcloud.biz): 1 time 104.40.205.172: 1 time 106.12.205.168: 1 time 109.89.36.91 (host-109-89-36-91.dynamic.voo.be): 1 time 112.196.35.197: 1 time 113.195.116.179 (179.116.195.113.adsl-pool.jx.chinaunicom.com): 6 times 122.154.134.38: 1 time 122.222.192.41 (122.222.192.41.ap.gmobb-fix.jp): 1 time 128.199.221.163: 1 time 132.232.103.159: 1 time 177.41.113.57 (177.41.113.57.dynamic.adsl.gvt.net.br): 1 time 177.206.128.131 (177.206.128.131.static.gvt.net.br): 1 time 185.244.25.227: 1 time 188.166.237.191: 1 time 197.248.62.114 (197-248-62-114.safaricombusiness.co.ke): 1 time 200.69.250.253 (customer-static-250-253.iplannetworks.net): 1 time 202.160.17.84 (espeed17-84.brunet.bn): 1 time 203.190.53.10: 1 time 210.183.236.30: 1 time 213.8.182.122 (122.182.8.213.static.012.net.il): 1 time **Unmatched Entries** Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################