################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Wed Mar 13 04:42:03 2024 Date Range Processed: yesterday ( 2024-Mar-12 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 2:2 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ Requests with error response codes 400 Bad Request *: 3 Time(s) /bin/zhttpd/${IFS}cd${IFS}/tmp;${IFS}rm${I ... }zyxel.selfrep;: 1 Time(s) \xE2\xDF\x16\xEEF\x02E\x08\x12\xCEj\xB2\xB ... 00l\x00\xBF\xC0: 1 Time(s) 500 Internal Server Error /: 4 Time(s) /.env: 1 Time(s) /?XDEBUG_SESSION_START=phpstorm: 1 Time(s) /actuator/gateway/routes: 1 Time(s) /admin/config.php: 1 Time(s) /client/get_targets: 1 Time(s) 502 Bad Gateway /4KvxGgBKTGWWglSbI0Xg3w/pdf: 1 Time(s) /7mVft8aUS7CAYCnKfmwhIw/pdf: 1 Time(s) /CWNtLmX2SLelz0pnhfcNyA/pdf: 1 Time(s) /OFaX7OVFSXSL7jGHLFF3hQ/pdf: 1 Time(s) /UavHVD8RQBKspC6giVp5ow/pdf: 1 Time(s) /ZAMXk83bREapH1s41rckvg/pdf: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: unknown (212.70.149.150): 10 Time(s) unknown (194.169.175.36): 9 Time(s) unknown (85.209.11.254): 7 Time(s) root (66.225.228.166): 6 Time(s) unknown (85.209.11.27): 5 Time(s) unknown (202.165.16.209): 4 Time(s) root (194.169.175.36): 3 Time(s) unknown (141.98.11.179): 3 Time(s) root (212.70.149.150): 2 Time(s) root (85.209.11.254): 2 Time(s) unknown (194.169.175.35): 2 Time(s) unknown (65.20.197.148): 2 Time(s) nobody (141.148.226.227): 1 Time(s) nobody (wsip-184-185-103-69.oc.oc.cox.net): 1 Time(s) postgres (85.209.11.27): 1 Time(s) root (103.58.64.19): 1 Time(s) root (85.209.11.27): 1 Time(s) root (c-73-143-150-28.hsd1.ma.comcast.net): 1 Time(s) unknown (103.157.114.202): 1 Time(s) unknown (103.157.115.162): 1 Time(s) unknown (103.157.115.26): 1 Time(s) unknown (106.12.109.212): 1 Time(s) unknown (110.39.180.190): 1 Time(s) unknown (113.203.193.224): 1 Time(s) unknown (114.203.211.66): 1 Time(s) unknown (115.241.38.14): 1 Time(s) unknown (117.141.32.86): 1 Time(s) unknown (117.2.60.232): 1 Time(s) unknown (118.174.209.17): 1 Time(s) unknown (118.34.117.189): 1 Time(s) unknown (124.106.213.54): 1 Time(s) unknown (149.23.117.254): 1 Time(s) unknown (162.191.182.142): 1 Time(s) unknown (175.206.113.91): 1 Time(s) unknown (190.54.136.86): 1 Time(s) unknown (19010730117.ip71.static.mediacommerce.com.co): 1 Time(s) unknown (36.137.22.65): 1 Time(s) unknown (4.232.161.33): 1 Time(s) unknown (65.20.139.136): 1 Time(s) unknown (65.20.150.90): 1 Time(s) unknown (65.20.156.218): 1 Time(s) unknown (65.20.167.207): 1 Time(s) unknown (65.20.175.221): 1 Time(s) unknown (65.20.237.130): 1 Time(s) unknown (65.20.237.78): 1 Time(s) unknown (94.74.135.156): 1 Time(s) unknown (client-67-58-229-248.consolidated.net): 1 Time(s) unknown (static-188-137-34-72.leon.com.pl): 1 Time(s) unknown (static-201-151-241-182.alestra.net.mx): 1 Time(s) unknown (static.117.173.13.49.clients.your-server.de): 1 Time(s) unknown (ua-84-217-215-241.bbcust.telenor.se): 1 Time(s) uucp (85.209.11.254): 1 Time(s) Invalid Users: Unknown Account: 75 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 1 Miscellaneous warnings 2 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 2 Total 4xx Rejects 100.00% ======== ================================================== 109 Connections 6 Connections lost (inbound) 109 Disconnections 1 SMTP dialog errors 1 SMTP protocol violations ---------------------- Postfix End ------------------------- --------------------- Connections (secure-log) Begin ------------------------ **Unmatched Entries** systemd-logind: New seat seat0.: 1 Time(s) ---------------------- Connections (secure-log) End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ SSHD Started: 2 Time(s) Disconnecting after too many authentication failures for user: root : 1 Time(s) Failed logins from: 66.225.228.166: 6 times 73.143.150.28 (c-73-143-150-28.hsd1.ma.comcast.net): 1 time 85.209.11.27: 2 times 85.209.11.254: 3 times 103.58.64.19: 1 time 141.148.226.227: 1 time 184.185.103.69 (wsip-184-185-103-69.oc.oc.cox.net): 1 time 194.169.175.36: 3 times 212.70.149.150: 2 times Illegal users from: 2001:470:1:332::157 (scan-49p.shadowserver.org): 1 time undef: 28 times 4.232.161.33: 1 time 36.137.22.65: 1 time 43.134.92.151: 1 time 49.13.173.117 (static.117.173.13.49.clients.your-server.de): 1 time 65.20.139.136: 1 time 65.20.150.90: 1 time 65.20.156.218: 1 time 65.20.167.207: 1 time 65.20.175.221: 1 time 65.20.197.148: 2 times 65.20.237.78: 1 time 65.20.237.130: 1 time 67.58.229.248 (client-67-58-229-248.consolidated.net): 1 time 84.217.215.241 (ua-84-217-215-241.bbcust.telenor.se): 1 time 85.209.11.27: 5 times 85.209.11.254: 7 times 94.74.135.156: 1 time 103.157.114.202 (202.114.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.115.26 (26.115.157.103.Ai-bkti-hts.iforte.net.id): 1 time 103.157.115.162 (162.115.157.103.Ai-bkti-hts.iforte.net.id): 1 time 106.12.109.212: 1 time 110.39.180.190 (WGPON-39180-190.wateen.net): 1 time 113.203.193.224: 1 time 114.203.211.66: 1 time 115.241.38.14: 1 time 117.2.60.232 (dynamic-ip-adsl.viettel.vn): 1 time 117.141.32.86: 1 time 118.34.117.189: 1 time 118.174.209.17: 1 time 124.106.213.54: 1 time 141.98.11.179 (srv-141-98-11-179.serveroffer.net): 3 times 149.23.117.254: 1 time 162.191.182.142: 1 time 175.206.113.91: 1 time 188.137.34.72 (static-188-137-34-72.leon.com.pl): 1 time 190.54.136.86 (190.54.136.86.wimax.telmexchile.cl): 1 time 190.107.30.117 (19010730117.ip71.static.mediacommerce.com.co): 1 time 194.169.175.35: 2 times 194.169.175.36: 9 times 201.151.241.182 (static-201-151-241-182.alestra.net.mx): 1 time 202.165.16.209: 4 times 212.70.149.150: 10 times ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/ploop19598p1 394G 243G 132G 65% / none 4.0G 0 4.0G 0% /dev ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################