################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Wed Jan 30 04:42:04 2019 Date Range Processed: yesterday ( 2019-Jan-29 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 5:5 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 2 sites probed the server 128.199.55.98 207.154.220.54 Requests with error response codes 400 Bad Request mstshash=Administr: 2 Time(s) null: 2 Time(s) /: 1 Time(s) /robots.txt: 1 Time(s) 404 Not Found /robots.txt: 32 Time(s) /.git/config: 2 Time(s) /oauth/errors?error=invalid_request&error_ ... t_id+parameter.: 2 Time(s) /wp-login.php: 2 Time(s) /.well-known/apple-app-site-association: 1 Time(s) /apple-app-site-association: 1 Time(s) /reader/2017_SoSe_Berlin_vorlaeufig.pdf: 1 Time(s) /zapf/geschaeftsordnung: 1 Time(s) 500 Internal Server Error /: 5 Time(s) //libs/js/iframe.js: 2 Time(s) 502 Bad Gateway /: 24 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: root (46.187.6.92): 6 Time(s) root (77.222.18.184): 6 Time(s) root (84.23.42.189): 6 Time(s) root (c-71-198-140-17.hsd1.ca.comcast.net): 6 Time(s) unknown (61.182.226.162): 3 Time(s) root (61.182.226.162): 2 Time(s) root (68.183.231.192): 2 Time(s) unknown (148.101.140.238): 2 Time(s) unknown (177.81.55.167): 2 Time(s) unknown (93-50-125-249.ip152.fastwebnet.it): 2 Time(s) unknown (b9168eee.cgn.dg-w.de): 2 Time(s) root (51.15.117.77): 1 Time(s) root (87.228.111.210): 1 Time(s) unknown (113.172.57.57): 1 Time(s) unknown (123.16.25.239): 1 Time(s) unknown (16.ip-51-254-208.eu): 1 Time(s) unknown (185.244.25.198): 1 Time(s) unknown (87.228.111.210): 1 Time(s) unknown (88.214.26.49): 1 Time(s) unknown (ns3016508.ip-51-254-47.eu): 1 Time(s) Invalid Users: Unknown Account: 21 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 166 Miscellaneous warnings 7.065K Bytes accepted 7,235 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 5 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 5 Total 4xx Rejects 100.00% ======== ================================================== 174 Connections 167 Connections lost (inbound) 174 Disconnections 1 Removed from queue 7 Deferred 128 Deferrals 1 Expired and returned to sender 1 Notifications sent 128 Connection failures (outbound) 1 Timeouts (inbound) 1 SMTP dialog errors ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: root : 4 Time(s) Failed logins from: 46.187.6.92 (static-46-187-6-92.netbynet.ru): 6 times 51.15.117.77 (77-117-15-51.rev.cloud.scaleway.com): 1 time 61.182.226.162: 2 times 68.183.231.192: 2 times 71.198.140.17 (c-71-198-140-17.hsd1.ca.comcast.net): 6 times 77.222.18.184 (adsl-lns6-l696.crnagora.net): 6 times 84.23.42.189: 6 times 87.228.111.210: 3 times Illegal users from: undef: 9 times 51.254.47.198 (ns3016508.ip-51-254-47.eu): 1 time 51.254.208.16 (16.ip-51-254-208.eu): 1 time 61.182.226.162: 3 times 87.228.111.210: 4 times 88.214.26.49: 1 time 93.50.125.249 (93-50-125-249.ip152.fastwebnet.it): 2 times 113.172.57.57 (static.vnpt.vn): 1 time 123.16.25.239 (static.vnpt.vn): 1 time 148.101.140.238 (238.140.101.148.d.dyn.claro.net.do): 2 times 177.81.55.167 (b15137a7.virtua.com.br): 2 times 185.22.142.238 (b9168eee.cgn.dg-w.de): 2 times 185.244.25.198: 1 time **Unmatched Entries** Disconnecting: Change of username or service not allowed: (admin,ssh-connection) -> (user,ssh-connection) [preauth] : 1 time(s) fatal: no matching cipher found: client aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,twofish-cbc,arcfour server aes128-ctr,aes192-ctr,aes256-ctr,aes128-gcm@openssh.com,aes256-gcm@openssh.com,chacha20-poly1305@openssh.com [preauth] : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 241G 160G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################