[Sysadmin] LogWatch for tempest
root
root at tempest.evolt.org
Sun Apr 6 06:25:43 CDT 2008
################### LogWatch 5.2.2 (06/23/04) ####################
Processing Initiated: Sun Apr 6 06:25:22 2008
Date Range Processed: yesterday
Detail Level of Output: 10
Logfiles for Host: tempest
################################################################
--------------------- Cron Begin ------------------------
Commands Run:
User dkaufman:
/bin/date > $HOME/date.txt: 1440 Time(s)
User dmah:
/home/dmah/bin/article_reminder.pl: 1 Time(s)
/home/dmah/bin/comment_reminder.pl: 1 Time(s)
User mailman:
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/checkdbs: 1 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/disabled: 1 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/gate_news: 288 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/nightly_gzip: 1 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/senddigests: 1 Time(s)
User root:
run-parts --report /etc/cron.hourly: 24 Time(s)
[ -d /var/lib/php4 ] && find /var/lib/php4/ -type f -cmin +$(/usr/lib/php4/maxlifetime) -print0 | xargs -r -0 rm: 48 Time(s)
/store/host/browsers.evolt.org/mkarchivesize: 1 Time(s)
/usr/bin/freshclam --quiet -l /var/log/clam-update.log: 1 Time(s)
/usr/local/bin/planetupdate 1>/dev/null 2>&1: 24 Time(s)
/usr/sbin/ntpdate -su us.pool.ntp.org us.pool.ntp.org: 1 Time(s)
/var/qmail/bin/qmailstats 1>/dev/null 2>/dev/null: 1 Time(s)
if [ -x /usr/bin/vnstat ] && [ `ls /var/lib/vnstat/ | wc -l` -ge 1 ]; then /usr/bin/vnstat -u; fi: 288 Time(s)
test -x /usr/sbin/anacron || run-parts --report /etc/cron.daily: 1 Time(s)
test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt: 1 Time(s)
wget -O - -q http://evolt.org/cron.php: 72 Time(s)
User www-data:
[ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.conf -a -r /var/log/apache/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=awstats -update >/dev/null: 144 Time(s)
---------------------- Cron End -------------------------
--------------------- EXIM Begin ------------------------
--- Messages history ---
-MsgID: 1Ji8iB-0002X5-00:
2008-04-05 08:54:10 <= root at tempest.evolt.org U=root P=local S=837
2008-04-05 08:59:11 SMTP timeout while connected to lists.evolt.org [67.19.100.195] after initial connection: Connection timed out
2008-04-05 08:59:12 == root at lists.evolt.org <root at tempest.evolt.org> T=local_smtp defer (110): Connection timed out: SMTP timeout while connected to lists.evolt.org [67.19.100.195] after initial connection
2008-04-05 08:59:12 failed to open DB file /var/spool/exim/db/retry: File exists
2 messages delivered immediately to 2 total recipients
---------------------- EXIM End -------------------------
--------------------- httpd Begin ------------------------
1.92 MB transfered in 563 responses (1xx 0, 2xx 104, 3xx 19, 4xx 440, 5xx 0)
48 Images (0.01 MB),
8 Documents (0.00 MB),
377 Content pages (1.51 MB),
21 Program source files (0.17 MB),
109 Other (0.22 MB)
Attempts to use 1 known hacks were logged 43 time(s)
phpmyadmin by
213.123.219.34 43 time(s)
A total of 1 sites probed the server
213.123.219.34
A total of 44 unidentified 'other' records logged
GET /dshadovi/traffic.cfm HTTP/1.0 with response code(s) 1 404 responses
GET /turkif HTTP/1.0 with response code(s) 1 404 responses
GET /cgi-bin/viewcvs.cgi/weo_theme/print.module?r1=1.5&r2=1.6 HTTP/1.0 with response code(s) 1 200 responses
GET /cgi-bin/viewcvs.cgi/grabbag/steeringcheck/.cvsignore?logsort=date HTTP/1.1 with response code(s) 1 200 responses
GET /cgi-bin/viewcvs.cgi/weo_theme/print.module?rev=1.25&sortby=log&view=log HTTP/1.0 with response code(s) 1 200 responses
GET /jeff/code/character_converting_textarea.cfm HTTP/1.0 with response code(s) 1 404 responses
GET /signup.cfm HTTP/1.1 with response code(s) 3 404 responses
GET /liorean HTTP/1.1 with response code(s) 2 404 responses
GET /jeff/yahoo.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /jeff/code/rollover_n_click/index.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /dshadovi HTTP/1.0 with response code(s) 1 404 responses
GET /dmah HTTP/1.0 with response code(s) 1 404 responses
GET /jeff/code/dhtml_form_rollover/index.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1 with response code(s) 6 400 responses
GET /cgi-bin/viewcvs.cgi/noc/favicon.ico?rev=1.1&sortdir=down&view=log HTTP/1.0 with response code(s) 1 200 responses
GET /burhankhalid/index.rdf HTTP/1.1 with response code(s) 1 404 responses
GET /cgi-bin/viewcvs.cgi/grabbag/steeringcheck/.cvsignore HTTP/1.1 with response code(s) 1 200 responses
GET /dave/EvoltCon2 HTTP/1.0 with response code(s) 1 404 responses
GET /dshadovi/traffic.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /djc/stdio/index.cfm/daddy/show/mommy/94 HTTP/1.0 with response code(s) 1 404 responses
GET /cgi-bin/viewcvs.cgi/weo_theme/print.module?rev=1.25&r1=1.6&view=log HTTP/1.0 with response code(s) 1 200 responses
GET /simonc/php/bookmarklet.phps HTTP/1.0 with response code(s) 1 404 responses
GET /jeff/code/rank_select.cfm HTTP/1.0 with response code(s) 1 404 responses
GET /rss/articles.rss HTTP/1.0 with response code(s) 1 404 responses
GET /cgi-bin/viewcvs.cgi/weo_theme/print.module?rev=1.3&view=markup HTTP/1.0 with response code(s) 1 200 responses
GET /mantruc/blog HTTP/1.0 with response code(s) 3 404 responses
GET /cgi-bin/viewcvs.cgi/weo_html/evoltorg.psd HTTP/1.1 with response code(s) 1 200 responses
GET /jeff/code/preload_n_rollover/index.cfm HTTP/1.0 with response code(s) 1 404 responses
- with response code(s) 50 408 responses
GET /mwarden/weblog HTTP/1.0 with response code(s) 1 404 responses
GET /jeff/code/js_url_variables/index.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /cgi-bin/viewcvs.cgi/beo_ng/mkarchivesize?rev=1.12 HTTP/1.0 with response code(s) 5 200 responses
GET /twitch/folio HTTP/1.1 with response code(s) 1 404 responses
GET /jeff/code/preload_n_rollover HTTP/1.1 with response code(s) 3 404 responses
GET /jeff/code/user_defined_colors.cfm HTTP/1.0 with response code(s) 1 404 responses
GET /jeff/code/select_keydown.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /arijit HTTP/1.1 with response code(s) 1 404 responses
GET /stone HTTP/1.0 with response code(s) 1 404 responses
GET /cgi-bin/viewcvs.cgi/weo_theme/Attic/square-bullet.psd?annotate=1.1 HTTP/1.0 with response code(s) 1 200 responses
GET /cgi-bin/viewcvs.cgi/weo_theme/Attic/evoltorg.psd?rev=1.2&content-type=text/vnd.viewcvs-markup HTTP/1.0 with response code(s) 1 200 responses
GET /jeff/code/checkbox_check_all.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /garrett/site/books/factual HTTP/1.1 with response code(s) 1 404 responses
GET /cgi-bin/viewcvs.cgi/grabbag/steeringcheck/.cvsignore?logsort=date&rev=1.1&view=markup HTTP/1.1 with response code(s) 1 200 responses
GET /turkif HTTP/1.1 with response code(s) 1 404 responses
A total of 11 ROBOTS were logged
Mozilla/5.0 (compatible; Ask Jeeves/Teoma; +http://about.ask.com/en/docs/about/webmasters.shtml) 2 time(s)
Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) 49 time(s)
Mozilla/5.0 (compatible; Charlotte/1.0b; http://www.searchme.com/support/) 3 time(s)
WebAlta Crawler/2.0 (http://www.webalta.net/ru/about_webmaster.html) (Windows; U; Windows NT 5.1; ru-RU) 1 time(s)
Mozilla/5.0 (compatible; BecomeBot/3.0; +http://www.become.com/site_owners.html) 1 time(s)
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) 4 time(s)
Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1) VoilaBot BETA 1.2 (http://www.voila.com/) 1 time(s)
msnbot-media/1.0 (+http://search.msn.com/msnbot.htm) 4 time(s)
larbin_2.6.3 (larbin2.6.3 at unspecified.mail) 1 time(s)
Grub/2.0 (Grub.org crawler; http://www.grub.org/; bot at grub.org) 1 time(s)
msnbot/1.1 (+http://search.msn.com/msnbot.htm) 10 time(s)
---------------------- httpd End -------------------------
--------------------- Kernel Begin ------------------------
1 Time(s): NET: 10 messages suppressed.
1 Time(s): NET: 109 messages suppressed.
2 Time(s): NET: 12 messages suppressed.
3 Time(s): NET: 13 messages suppressed.
2 Time(s): NET: 14 messages suppressed.
2 Time(s): NET: 15 messages suppressed.
1 Time(s): NET: 17 messages suppressed.
2 Time(s): NET: 18 messages suppressed.
3 Time(s): NET: 19 messages suppressed.
2 Time(s): NET: 20 messages suppressed.
2 Time(s): NET: 21 messages suppressed.
1 Time(s): NET: 22 messages suppressed.
1 Time(s): NET: 23 messages suppressed.
1 Time(s): NET: 24 messages suppressed.
3 Time(s): NET: 25 messages suppressed.
2 Time(s): NET: 26 messages suppressed.
1 Time(s): NET: 27 messages suppressed.
1 Time(s): NET: 28 messages suppressed.
2 Time(s): NET: 29 messages suppressed.
1 Time(s): NET: 30 messages suppressed.
1 Time(s): NET: 34 messages suppressed.
1 Time(s): NET: 35 messages suppressed.
1 Time(s): NET: 36 messages suppressed.
3 Time(s): NET: 38 messages suppressed.
1 Time(s): NET: 39 messages suppressed.
1 Time(s): NET: 40 messages suppressed.
1 Time(s): NET: 42 messages suppressed.
1 Time(s): NET: 44 messages suppressed.
2 Time(s): NET: 47 messages suppressed.
2 Time(s): NET: 49 messages suppressed.
1 Time(s): NET: 51 messages suppressed.
1 Time(s): NET: 53 messages suppressed.
1 Time(s): NET: 54 messages suppressed.
1 Time(s): NET: 55 messages suppressed.
1 Time(s): NET: 56 messages suppressed.
1 Time(s): NET: 57 messages suppressed.
1 Time(s): NET: 6 messages suppressed.
1 Time(s): NET: 61 messages suppressed.
1 Time(s): NET: 68 messages suppressed.
3 Time(s): NET: 7 messages suppressed.
1 Time(s): NET: 70 messages suppressed.
1 Time(s): NET: 71 messages suppressed.
1 Time(s): NET: 76 messages suppressed.
1 Time(s): NET: 77 messages suppressed.
1 Time(s): NET: 79 messages suppressed.
1 Time(s): NET: 80 messages suppressed.
1 Time(s): NET: 81 messages suppressed.
3 Time(s): NET: 89 messages suppressed.
1 Time(s): NET: 9 messages suppressed.
1 Time(s): NET: 91 messages suppressed.
1 Time(s): NET: 94 messages suppressed.
1 Time(s): NET: 99 messages suppressed.
1 Time(s): TCP: drop open request from 124.147.38.125/36911
1 Time(s): TCP: drop open request from 124.166.214.182/4247
1 Time(s): TCP: drop open request from 125.134.149.140/42353
1 Time(s): TCP: drop open request from 141.156.108.23/55999
1 Time(s): TCP: drop open request from 142.46.210.178/49919
1 Time(s): TCP: drop open request from 143.90.14.69/33975
1 Time(s): TCP: drop open request from 146.145.124.170/55535
1 Time(s): TCP: drop open request from 150.215.214.50/64282
1 Time(s): TCP: drop open request from 190.2.1.10/53213
1 Time(s): TCP: drop open request from 193.45.10.11/4793
1 Time(s): TCP: drop open request from 193.92.92.41/36793
1 Time(s): TCP: drop open request from 194.176.176.103/3163
1 Time(s): TCP: drop open request from 194.206.163.37/4690
1 Time(s): TCP: drop open request from 194.246.101.37/60283
1 Time(s): TCP: drop open request from 195.120.201.123/61978
1 Time(s): TCP: drop open request from 195.140.44.133/49025
1 Time(s): TCP: drop open request from 195.41.178.3/2433
1 Time(s): TCP: drop open request from 195.64.165.44/38813
1 Time(s): TCP: drop open request from 198.67.36.148/1592
1 Time(s): TCP: drop open request from 200.182.248.25/36059
1 Time(s): TCP: drop open request from 200.47.30.42/3778
1 Time(s): TCP: drop open request from 201.38.48.2/55756
1 Time(s): TCP: drop open request from 202.157.176.220/38321
1 Time(s): TCP: drop open request from 202.164.191.158/2424
1 Time(s): TCP: drop open request from 202.164.191.158/3021
1 Time(s): TCP: drop open request from 202.220.160.66/56115
1 Time(s): TCP: drop open request from 202.248.38.241/54836
1 Time(s): TCP: drop open request from 202.254.11.2/56772
1 Time(s): TCP: drop open request from 202.34.151.2/46025
1 Time(s): TCP: drop open request from 202.35.192.26/7383
1 Time(s): TCP: drop open request from 203.139.204.126/19810
1 Time(s): TCP: drop open request from 203.152.109.159/12528
1 Time(s): TCP: drop open request from 203.216.227.56/26476
1 Time(s): TCP: drop open request from 205.179.55.210/36038
1 Time(s): TCP: drop open request from 205.201.164.114/44183
1 Time(s): TCP: drop open request from 206.230.16.10/13878
1 Time(s): TCP: drop open request from 207.219.200.2/31008
1 Time(s): TCP: drop open request from 208.7.93.4/58594
1 Time(s): TCP: drop open request from 209.133.73.198/59302
1 Time(s): TCP: drop open request from 209.85.24.178/50076
1 Time(s): TCP: drop open request from 210.143.109.217/46791
1 Time(s): TCP: drop open request from 210.147.8.10/38191
1 Time(s): TCP: drop open request from 210.165.9.35/28938
1 Time(s): TCP: drop open request from 210.175.129.87/51506
1 Time(s): TCP: drop open request from 210.233.65.144/42230
1 Time(s): TCP: drop open request from 210.239.141.202/43788
1 Time(s): TCP: drop open request from 211.124.126.7/58274
1 Time(s): TCP: drop open request from 211.147.225.119/1197
1 Time(s): TCP: drop open request from 211.147.6.141/40136
1 Time(s): TCP: drop open request from 212.124.193.60/56539
1 Time(s): TCP: drop open request from 213.33.87.8/23975
1 Time(s): TCP: drop open request from 216.127.47.132/3985
1 Time(s): TCP: drop open request from 216.254.136.21/44569
1 Time(s): TCP: drop open request from 216.54.214.150/21172
1 Time(s): TCP: drop open request from 216.54.214.150/22148
1 Time(s): TCP: drop open request from 216.54.97.86/33685
1 Time(s): TCP: drop open request from 217.145.112.73/48872
1 Time(s): TCP: drop open request from 217.151.0.56/3735
1 Time(s): TCP: drop open request from 217.200.184.87/11874
1 Time(s): TCP: drop open request from 218.45.4.117/2307
1 Time(s): TCP: drop open request from 219.166.226.210/1862
1 Time(s): TCP: drop open request from 219.99.208.223/51099
1 Time(s): TCP: drop open request from 59.87.93.88/53477
1 Time(s): TCP: drop open request from 61.120.104.178/61538
1 Time(s): TCP: drop open request from 61.152.107.109/1753
1 Time(s): TCP: drop open request from 61.152.94.167/3981
1 Time(s): TCP: drop open request from 61.187.51.36/19558
1 Time(s): TCP: drop open request from 61.236.145.197/1298
1 Time(s): TCP: drop open request from 62.151.11.207/34363
1 Time(s): TCP: drop open request from 62.193.206.8/39009
1 Time(s): TCP: drop open request from 62.249.206.178/8366
1 Time(s): TCP: drop open request from 62.40.155.61/45461
1 Time(s): TCP: drop open request from 63.118.171.179/36489
1 Time(s): TCP: drop open request from 63.123.252.6/45666
1 Time(s): TCP: drop open request from 63.139.98.46/54207
1 Time(s): TCP: drop open request from 63.192.50.52/17960
1 Time(s): TCP: drop open request from 63.231.122.49/2741
1 Time(s): TCP: drop open request from 63.97.177.6/49508
1 Time(s): TCP: drop open request from 64.3.247.178/4228
1 Time(s): TCP: drop open request from 64.56.103.102/58691
1 Time(s): TCP: drop open request from 65.54.246.92/42567
1 Time(s): TCP: drop open request from 65.83.4.162/39751
1 Time(s): TCP: drop open request from 65.89.75.194/35692
1 Time(s): TCP: drop open request from 66.142.250.98/64745
1 Time(s): TCP: drop open request from 66.189.46.178/53542
1 Time(s): TCP: drop open request from 66.246.246.83/50921
1 Time(s): TCP: drop open request from 67.88.67.51/53755
1 Time(s): TCP: drop open request from 67.93.244.82/20044
1 Time(s): TCP: drop open request from 68.165.162.164/41032
1 Time(s): TCP: drop open request from 68.178.13.174/9120
1 Time(s): TCP: drop open request from 69.18.32.34/40190
1 Time(s): TCP: drop open request from 69.63.218.218/19198
1 Time(s): TCP: drop open request from 70.86.205.130/60887
1 Time(s): TCP: drop open request from 72.158.220.66/43473
1 Time(s): TCP: drop open request from 74.187.62.202/56592
1 Time(s): TCP: drop open request from 75.126.227.114/41940
1 Time(s): TCP: drop open request from 80.105.121.49/33408
1 Time(s): TCP: drop open request from 80.18.82.43/41691
1 Time(s): TCP: drop open request from 80.193.130.154/5151
1 Time(s): TCP: drop open request from 80.254.183.210/28221
1 Time(s): TCP: drop open request from 80.36.200.19/36050
1 Time(s): TCP: drop open request from 81.29.232.43/64063
1 Time(s): TCP: drop open request from 82.138.76.76/2685
1 Time(s): TCP: drop open request from 82.179.244.140/1756
1 Time(s): TCP: drop open request from 85.88.224.75/48633
1 Time(s): TCP: drop open request from 86.152.214.140/61444
1 Time(s): TCP: drop open request from 88.48.232.192/17864
1 Time(s): TCP: drop open request from 89.19.7.250/2158
1 Time(s): TCP: drop open request from 89.97.226.38/64176
1 Time(s): UDP: bad checksum. From 12.96.160.115:53 to 67.19.100.194:55071 ulen 39
1 Time(s): UDP: short packet: 12.96.160.115:53 158/142 to 67.19.100.194:54324
1 Time(s): UDP: short packet: 12.96.160.115:53 159/143 to 67.19.100.194:46904
1 Time(s): UDP: short packet: 12.96.160.115:53 159/143 to 67.19.100.194:48576
1 Time(s): UDP: short packet: 12.96.160.115:53 178/162 to 67.19.100.194:64715
1 Time(s): UDP: short packet: 12.96.160.115:53 183/167 to 67.19.100.194:64715
1 Time(s): UDP: short packet: 12.96.160.115:53 208/192 to 67.19.100.194:48849
1 Time(s): UDP: short packet: 12.96.160.115:53 213/197 to 67.19.100.194:36090
1 Time(s): UDP: short packet: 12.96.160.115:53 213/197 to 67.19.100.194:40423
1 Time(s): UDP: short packet: 12.96.160.115:53 213/197 to 67.19.100.194:50063
1 Time(s): UDP: short packet: 12.96.160.115:53 222/206 to 67.19.100.194:52032
1 Time(s): UDP: short packet: 12.96.160.115:53 272/256 to 67.19.100.194:45830
1 Time(s): UDP: short packet: 12.96.160.115:53 308/292 to 67.19.100.194:42932
1 Time(s): UDP: short packet: 12.96.160.115:53 313/297 to 67.19.100.194:56626
1 Time(s): UDP: short packet: 12.96.160.115:53 315/299 to 67.19.100.194:60812
1 Time(s): UDP: short packet: 12.96.160.115:53 414/398 to 67.19.100.194:51377
1 Time(s): UDP: short packet: 12.96.160.115:53 414/398 to 67.19.100.194:58908
1 Time(s): UDP: short packet: 12.96.160.115:53 530/514 to 67.19.100.194:34806
1 Time(s): UDP: short packet: 12.96.160.115:53 530/514 to 67.19.100.194:53431
1 Time(s): device eth0 entered promiscuous mode
1 Time(s): device eth0 left promiscuous mode
1 Time(s): sending pkt_too_big (len[1500] pmtu[1454]) to self
2 Time(s): sending pkt_too_big (len[1500] pmtu[1496]) to self
---------------------- Kernel End -------------------------
--------------------- pam_unix Begin ------------------------
cron:
Sessions Opened:
dkaufman: 1440 Time(s)
root: 462 Time(s)
mailman: 292 Time(s)
www-data: 144 Time(s)
dmah: 2 Time(s)
sshd:
Authentication Failures:
dmah (s010600c049d9e99b.cg.shawcable.net): 1 Time(s)
Sessions Opened:
dmah: 3 Time(s)
su:
Sessions Opened:
dmah(uid=0) -> root: 3 Time(s)
(uid=0) -> nobody: 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- sendmail Begin ------------------------
ERROR: Could not open /etc/mail/local-host-names
ERROR: Could not open /etc/mail/access
Message Size Distribution:
Range # Msgs KBytes
0 - 10k 0 0
10k - 20k 0 0
20k - 50k 0 0
50k - 100k 0 0
100k - 500k 0 0
500k - 1Mb 0 0
1Mb - 2Mb 0 0
2Mb - 5Mb 0 0
5Mb - 10Mb 0 0
10Mb+ 0 0
----------------------------------
TOTAL 0 0
---------------------- sendmail End -------------------------
--------------------- SSHD Begin ------------------------
Didn't receive an ident from these IPs:
192.108.38.242: 7 Time(s)
218.93.143.5: 6 Time(s)
85.185.166.4: 1 Time(s)
intranet.grupomarta.com (201.199.194.10): 5 Time(s)
sd-11572.dedibox.fr (88.191.62.151): 1 Time(s)
Failed logins from these:
administrator/password from 218.93.143.5: 2 Time(s)
alias/password from 192.108.38.242: 5 Time(s)
amanda/password from 218.93.143.5: 5 Time(s)
angela/password from 88.191.62.151: 1 Time(s)
belinda/password from 88.191.62.151: 1 Time(s)
bonnie/password from 218.93.143.5: 5 Time(s)
clasic/password from 218.93.143.5: 5 Time(s)
cyrus/password from 192.108.38.242: 5 Time(s)
david/password from 218.93.143.5: 1 Time(s)
escola/password from 88.191.62.151: 1 Time(s)
gault/password from 88.191.62.151: 1 Time(s)
griselda/password from 88.191.62.151: 1 Time(s)
invite/password from 88.191.62.151: 1 Time(s)
iris/password from 218.93.143.5: 5 Time(s)
jamy/password from 218.93.143.5: 5 Time(s)
julio/password from 88.191.62.151: 1 Time(s)
michael/password from 192.108.38.242: 1 Time(s)
nathalie/password from 88.191.62.151: 1 Time(s)
office/password from 192.108.38.242: 5 Time(s)
oracle/password from 192.108.38.242: 4 Time(s)
recruit/password from 192.108.38.242: 5 Time(s)
rhousand/password from 88.191.62.151: 1 Time(s)
root/password from 201.199.194.10: 127 Time(s)
root/password from 85.185.166.4: 35 Time(s)
root/password from 88.191.62.151: 12 Time(s)
sales/password from 192.108.38.242: 5 Time(s)
samba/password from 192.108.38.242: 5 Time(s)
service/password from 88.191.62.151: 2 Time(s)
spam/password from 192.108.38.242: 5 Time(s)
sparky/password from 218.93.143.5: 5 Time(s)
staff/password from 192.108.38.242: 5 Time(s)
student/password from 88.191.62.151: 3 Time(s)
sysop/password from 88.191.62.151: 1 Time(s)
tomcat/password from 192.108.38.242: 5 Time(s)
tomcat/password from 88.191.62.151: 1 Time(s)
virus/password from 192.108.38.242: 5 Time(s)
wayne/password from 88.191.62.151: 5 Time(s)
webadmin/password from 192.108.38.242: 5 Time(s)
webcam/password from 88.191.62.151: 1 Time(s)
Illegal users from these:
administrator/none from 218.93.143.5: 2 Time(s)
administrator/password from 218.93.143.5: 2 Time(s)
alias/password from 192.108.38.242: 5 Time(s)
amanda/none from 218.93.143.5: 5 Time(s)
amanda/password from 218.93.143.5: 5 Time(s)
angela/none from 88.191.62.151: 1 Time(s)
angela/password from 88.191.62.151: 1 Time(s)
belinda/none from 88.191.62.151: 1 Time(s)
belinda/password from 88.191.62.151: 1 Time(s)
bonnie/none from 218.93.143.5: 5 Time(s)
bonnie/password from 218.93.143.5: 5 Time(s)
clasic/none from 218.93.143.5: 5 Time(s)
clasic/password from 218.93.143.5: 5 Time(s)
cyrus/none from 192.108.38.242: 5 Time(s)
cyrus/password from 192.108.38.242: 5 Time(s)
david/none from 218.93.143.5: 1 Time(s)
david/password from 218.93.143.5: 1 Time(s)
escola/none from 88.191.62.151: 1 Time(s)
escola/password from 88.191.62.151: 1 Time(s)
gault/none from 88.191.62.151: 1 Time(s)
gault/password from 88.191.62.151: 1 Time(s)
griselda/none from 88.191.62.151: 1 Time(s)
griselda/password from 88.191.62.151: 1 Time(s)
invite/none from 88.191.62.151: 1 Time(s)
invite/password from 88.191.62.151: 1 Time(s)
iris/none from 218.93.143.5: 5 Time(s)
iris/password from 218.93.143.5: 5 Time(s)
jamy/none from 218.93.143.5: 5 Time(s)
jamy/password from 218.93.143.5: 5 Time(s)
julio/none from 88.191.62.151: 1 Time(s)
julio/password from 88.191.62.151: 1 Time(s)
michael/none from 192.108.38.242: 1 Time(s)
michael/password from 192.108.38.242: 1 Time(s)
nathalie/none from 88.191.62.151: 1 Time(s)
nathalie/password from 88.191.62.151: 1 Time(s)
office/none from 192.108.38.242: 5 Time(s)
office/password from 192.108.38.242: 5 Time(s)
oracle/none from 192.108.38.242: 4 Time(s)
oracle/password from 192.108.38.242: 4 Time(s)
recruit/none from 192.108.38.242: 5 Time(s)
recruit/password from 192.108.38.242: 5 Time(s)
rhousand/none from 88.191.62.151: 1 Time(s)
rhousand/password from 88.191.62.151: 1 Time(s)
sales/none from 192.108.38.242: 5 Time(s)
sales/password from 192.108.38.242: 5 Time(s)
samba/none from 192.108.38.242: 5 Time(s)
samba/password from 192.108.38.242: 5 Time(s)
service/none from 88.191.62.151: 2 Time(s)
service/password from 88.191.62.151: 2 Time(s)
spam/none from 192.108.38.242: 5 Time(s)
spam/password from 192.108.38.242: 5 Time(s)
sparky/none from 218.93.143.5: 5 Time(s)
sparky/password from 218.93.143.5: 5 Time(s)
staff/none from 192.108.38.242: 5 Time(s)
staff/password from 192.108.38.242: 5 Time(s)
student/none from 88.191.62.151: 3 Time(s)
student/password from 88.191.62.151: 3 Time(s)
sysop/none from 88.191.62.151: 1 Time(s)
sysop/password from 88.191.62.151: 1 Time(s)
tomcat/none from 192.108.38.242: 5 Time(s)
tomcat/none from 88.191.62.151: 1 Time(s)
tomcat/password from 192.108.38.242: 5 Time(s)
tomcat/password from 88.191.62.151: 1 Time(s)
virus/none from 192.108.38.242: 5 Time(s)
virus/password from 192.108.38.242: 5 Time(s)
wayne/none from 88.191.62.151: 5 Time(s)
wayne/password from 88.191.62.151: 5 Time(s)
webadmin/none from 192.108.38.242: 5 Time(s)
webadmin/password from 192.108.38.242: 5 Time(s)
webcam/none from 88.191.62.151: 1 Time(s)
webcam/password from 88.191.62.151: 1 Time(s)
User login attempt failed because:
shell /sbin/nologin does not exist:
alias : 5 Time(s)
Users logging in through sshd:
dmah:
S010600c049d9e99b.cg.shawcable.net (70.73.105.151): 3 times
Error in PAM authentication:
Authentication failure for dmah from s010600c049d9e99b.cg.shawcable.net : 1 Time(s)
**Unmatched Entries**
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
---------------------- SSHD End -------------------------
--------------------- Sudo (secure-log) Begin ------------------------
==============================================================================
dmah => root
------------------------------------------------------------------------------
/bin/su -
/bin/su -
/bin/su -
---------------------- Sudo (secure-log) End -------------------------
--------------------- Syslogd Begin ------------------------
Syslogd started 1 Time(s)
---------------------- Syslogd End -------------------------
------------------ Disk Space --------------------
/dev/hda3 72G 27G 41G 40% /
/dev/hda1 92M 6.3M 81M 8% /boot
###################### LogWatch End #########################
More information about the Sysadmin
mailing list