################### Logwatch 7.4.0 (03/01/11) #################### Processing Initiated: Sun Jun 23 04:42:11 2019 Date Range Processed: yesterday ( 2019-Jun-22 ) Period is day. Detail Level of Output: 0 Type of Output/Format: mail / text Logfiles for Host: h2361197.stratoserver.net ################################################################## --------------------- fail2ban-messages Begin ------------------------ Banned services with Fail2Ban: Bans:Unbans ssh: [ 76:76 ] ---------------------- fail2ban-messages End ------------------------- --------------------- httpd Begin ------------------------ A total of 1 sites probed the server 185.137.233.227 Requests with error response codes 400 Bad Request /socket.io/?noteId=a5Nhb6acTZ-lVJr5F0tbLQ& ... 31VZa9yZU95ABkF: 4 Time(s) mstshash=Administr: 2 Time(s) mstshash=Test: 2 Time(s) /w00tw00t.at.ISC.SANS.DFind:): 1 Time(s) http://110.249.212.46/testget?q=23333&port=80: 1 Time(s) null: 1 Time(s) 403 Forbidden /bp9hE2swRPGQzl3QTwIibg: 4 Time(s) 404 Not Found /robots.txt: 33 Time(s) /berlin/apple-touch-icon.png: 2 Time(s) /sites/default/libraries/elfinder/elfinder.php.html: 2 Time(s) /sites/default/libraries/elfinder/src/elfinder-src.php.html: 2 Time(s) /wp-login.php: 2 Time(s) //blog/wp-login.php: 1 Time(s) //wordpress/wp-login.php: 1 Time(s) //wp/wp-login.php: 1 Time(s) /admin/images/cal_date_over.gif: 1 Time(s) /admin/login.php: 1 Time(s) /fckeditor/editor/filemanager/connectors/p ... .php?Type=Media: 1 Time(s) /protokolle/ergebnisprotokoll_mv_09.06.2017.pdf: 1 Time(s) /reader/1989-wi-berlin.pdf: 1 Time(s) /sites/default/files/Empfehlungen_der_ZaPF ... 7CStellungnahme: 1 Time(s) /templates/system/css/system.css: 1 Time(s) 499 (undefined) /build/index-styles-pack.2c73dce02b1eaa3a3b4e.css: 1 Time(s) /css/font-awesome.min.css: 1 Time(s) 500 Internal Server Error /: 35 Time(s) /HNAP1/: 1 Time(s) /backup/.env: 1 Time(s) ---------------------- httpd End ------------------------- --------------------- pam_unix Begin ------------------------ sshd: Authentication Failures: unknown (14.34.28.131): 18 Time(s) unknown (222.107.26.125): 14 Time(s) unknown (dsl54023e30.fixip.t-online.hu): 14 Time(s) unknown (116.89.53.66): 12 Time(s) unknown (125-227-57-223.hinet-ip.hinet.net): 12 Time(s) unknown (58.59.2.26): 12 Time(s) unknown (96.191.89.79.rev.sfr.net): 12 Time(s) unknown (111.231.87.233): 11 Time(s) unknown (190.193.92.26): 11 Time(s) unknown (97-88-249-182.static.mdsn.wi.charter.com): 10 Time(s) unknown (104.248.117.234): 9 Time(s) unknown (139.59.41.154): 9 Time(s) unknown (139.59.41.6): 9 Time(s) unknown (150.242.99.190): 9 Time(s) unknown (164.132.38.167): 9 Time(s) unknown (202.129.190.2): 9 Time(s) unknown (62.234.108.63): 9 Time(s) unknown (73.ip-54-37-66.eu): 9 Time(s) unknown (donzhd.donbass.com): 9 Time(s) unknown (ip154.ip-66-70-130.net): 9 Time(s) unknown (172-220-009-054.dhcp.chtrptr.net): 8 Time(s) unknown (190.96.49.189): 8 Time(s) unknown (206.189.122.133): 8 Time(s) unknown (106.38.3.253): 7 Time(s) unknown (40.ip-176-31-172.eu): 7 Time(s) root (14.33.133.188): 6 Time(s) root (177.11.46.65): 6 Time(s) root (188.136.205.53): 6 Time(s) root (200.66.125.123): 6 Time(s) root (61.177.172.128): 6 Time(s) unknown (1.63.164.142): 6 Time(s) unknown (14.ip-144-217-4.net): 6 Time(s) unknown (177.94.211.233): 6 Time(s) unknown (207-238-47-212.rev.cloud.scaleway.com): 6 Time(s) unknown (79.89.191.96): 6 Time(s) unknown (host81-130-234-235.in-addr.btopenworld.com): 6 Time(s) unknown (139.199.192.159): 5 Time(s) unknown (189.4.1.12): 3 Time(s) unknown (176-156-92-106.abo.bbox.fr): 2 Time(s) man (14.34.28.131): 1 Time(s) mysql (111.231.87.233): 1 Time(s) mysql (96.191.89.79.rev.sfr.net): 1 Time(s) mysql (97-88-249-182.static.mdsn.wi.charter.com): 1 Time(s) postgres (106.38.3.253): 1 Time(s) postgres (139.199.192.159): 1 Time(s) postgres (206.189.122.133): 1 Time(s) postgres (58.59.2.26): 1 Time(s) postgres (dsl54023e30.fixip.t-online.hu): 1 Time(s) root (172-220-009-054.dhcp.chtrptr.net): 1 Time(s) root (207-238-47-212.rev.cloud.scaleway.com): 1 Time(s) root (218.92.0.167): 1 Time(s) root (218.92.0.181): 1 Time(s) root (42.61.24.202): 1 Time(s) root (58.242.82.13): 1 Time(s) root (dsl54023e30.fixip.t-online.hu): 1 Time(s) temp (190.193.92.26): 1 Time(s) unknown (193.32.163.182): 1 Time(s) unknown (197.50.25.167): 1 Time(s) unknown (51.52.92.120): 1 Time(s) unknown (53.red-80-28-238.staticip.rima-tde.net): 1 Time(s) unknown (78-134-6-82.v4.ngi.it): 1 Time(s) unknown (82.184.14.37.dynamic.jazztel.es): 1 Time(s) unknown (86-42-91-227-dynamic.agg2.ckn.rsl-rtd.eircom.net): 1 Time(s) unknown (92.119.160.80): 1 Time(s) unknown (llamentin-656-1-26-40.w81-248.abo.wanadoo.fr): 1 Time(s) www-data (116.89.53.66): 1 Time(s) www-data (96.191.89.79.rev.sfr.net): 1 Time(s) Invalid Users: Unknown Account: 309 Time(s) ---------------------- pam_unix End ------------------------- --------------------- Postfix Begin ------------------------ 27 Miscellaneous warnings 9.948K Bytes accepted 10,187 9.948K Bytes sent via SMTP 10,187 ======== ================================================== 1 Accepted 100.00% -------- -------------------------------------------------- 1 Total 100.00% ======== ================================================== 4 4xx Reject relay denied 100.00% -------- -------------------------------------------------- 4 Total 4xx Rejects 100.00% ======== ================================================== 73 Connections 67 Connections lost (inbound) 73 Disconnections 1 Removed from queue 1 Sent via SMTP 1 Hostname verification errors (FCRDNS) ---------------------- Postfix End ------------------------- --------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------ Large Mailbox threshold: 40MB (41943040 bytes) Warning: Large mailbox: mailman.gz (1747199807) Warning: Large mailbox: mailman (235703599967) ---------------------- sendmail-largeboxes (large mail spool files) End ------------------------- --------------------- SSHD Begin ------------------------ Disconnecting after too many authentication failures for user: invalid : 1 Time(s) root : 5 Time(s) Failed logins from: 14.33.133.188: 6 times 14.34.28.131: 1 time 42.61.24.202: 1 time 58.59.2.26: 1 time 58.242.82.13: 1 time 61.177.172.128: 6 times 79.89.191.96 (96.191.89.79.rev.sfr.net): 2 times 84.2.62.48 (dsl54023E30.fixip.t-online.hu): 2 times 97.88.249.182 (97-88-249-182.static.mdsn.wi.charter.com): 1 time 106.38.3.253: 1 time 111.231.87.233: 1 time 116.89.53.66 (66.53.89.116.starhub.net.sg): 1 time 139.199.192.159: 1 time 172.220.9.54 (172-220-009-054.dhcp.chtrptr.net): 1 time 177.11.46.65 (177-11-46-65.virt.com.br): 6 times 188.136.205.53: 6 times 190.193.92.26 (26-92-193-190.cab.prima.net.ar): 1 time 200.66.125.123: 6 times 206.189.122.133: 1 time 212.47.238.207 (207-238-47-212.rev.cloud.scaleway.com): 1 time 218.92.0.167: 3 times 218.92.0.181: 5 times Illegal users from: undef: 214 times 1.63.164.142: 6 times 5.153.139.114 (donzhd.donbass.com): 9 times 14.34.28.131: 18 times 37.14.184.82 (82.184.14.37.dynamic.jazztel.es): 1 time 51.52.92.120: 1 time 54.37.66.73 (73.ip-54-37-66.eu): 9 times 58.59.2.26: 12 times 62.234.108.63: 9 times 66.70.130.154 (ip154.ip-66-70-130.net): 9 times 78.134.6.82 (78-134-6-82.v4.ngi.it): 1 time 79.89.191.96 (96.191.89.79.rev.sfr.net): 18 times 80.28.238.53 (53.red-80-28-238.staticip.rima-tde.net): 1 time 81.130.234.235 (host81-130-234-235.in-addr.btopenworld.com): 6 times 81.248.6.40 (llamentin-656-1-26-40.w81-248.abo.wanadoo.fr): 1 time 84.2.62.48 (dsl54023E30.fixip.t-online.hu): 14 times 86.42.91.227 (86-42-91-227-dynamic.agg2.ckn.rsl-rtd.eircom.net): 1 time 92.119.160.80: 1 time 97.88.249.182 (97-88-249-182.static.mdsn.wi.charter.com): 10 times 104.248.117.234: 9 times 106.38.3.253: 7 times 111.231.87.233: 11 times 116.89.53.66 (66.53.89.116.starhub.net.sg): 12 times 125.227.57.223 (125-227-57-223.HINET-IP.hinet.net): 12 times 139.59.41.6: 9 times 139.59.41.154: 9 times 139.199.192.159: 5 times 144.217.4.14 (14.ip-144-217-4.net): 6 times 150.242.99.190: 9 times 164.132.38.167: 9 times 172.220.9.54 (172-220-009-054.dhcp.chtrptr.net): 8 times 176.31.172.40 (40.ip-176-31-172.eu): 7 times 176.156.92.106 (176-156-92-106.abo.bbox.fr): 2 times 177.94.211.233 (177-94-211-233.dsl.telesp.net.br): 6 times 189.4.1.12 (bd04010c.ctb.static.virtua.com.br): 3 times 190.96.49.189: 8 times 190.193.92.26 (26-92-193-190.cab.prima.net.ar): 11 times 193.32.163.182 (hosting-by.cloud-home.me): 1 time 197.50.25.167 (host-197.50.25.167.tedata.net): 1 time 202.129.190.2: 9 times 206.189.122.133: 8 times 212.47.238.207 (207-238-47-212.rev.cloud.scaleway.com): 6 times 222.107.26.125: 14 times ---------------------- SSHD End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/vzfs 400G 242G 159G 61% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################