[Sysadmin] LogWatch for tempest

root root at tempest.evolt.org
Fri Jan 18 06:25:25 CST 2008


 ################### LogWatch 5.2.2 (06/23/04) #################### 
       Processing Initiated: Fri Jan 18 06:25:14 2008
       Date Range Processed: yesterday
     Detail Level of Output: 10
          Logfiles for Host: tempest
 ################################################################ 

 --------------------- Cron Begin ------------------------ 

Commands Run:
   User dkaufman:
      /bin/date > $HOME/date.txt: 1440 Time(s)
   User dmah:
      /home/dmah/bin/article_reminder.pl: 1 Time(s)
      /home/dmah/bin/comment_reminder.pl: 1 Time(s)
   User mailman:
      /home/mailman/bin/discardbysubj.pl: 24 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/checkdbs: 1 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/disabled: 1 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/gate_news: 288 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/nightly_gzip: 1 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/senddigests: 1 Time(s)
   User root:
         run-parts --report /etc/cron.hourly: 24 Time(s)
        [ -d /var/lib/php4 ] && find /var/lib/php4/ -type f -cmin +$(/usr/lib/php4/maxlifetime) -print0 | xargs -r -0 rm: 48 Time(s)
      /store/host/browsers.evolt.org/mkarchivesize: 1 Time(s)
      /usr/bin/freshclam --quiet -l /var/log/clam-update.log: 1 Time(s)
      /usr/local/bin/planetupdate 1>/dev/null 2>&1: 24 Time(s)
      /usr/sbin/ntpdate -su us.pool.ntp.org us.pool.ntp.org: 1 Time(s)
      /var/qmail/bin/qmailstats 1>/dev/null 2>/dev/null: 1 Time(s)
      if [ -x /usr/bin/vnstat ] && [ `ls /var/lib/vnstat/ | wc -l` -ge 1 ]; then /usr/bin/vnstat -u; fi: 288 Time(s)
      test -x /usr/sbin/anacron || run-parts --report /etc/cron.daily: 1 Time(s)
      test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt: 1 Time(s)
      wget -O - -q http://evolt.org/cron.php: 72 Time(s)
   User www-data:
      [ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.conf -a -r /var/log/apache/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=awstats -update >/dev/null: 144 Time(s)

 ---------------------- Cron End ------------------------- 


 --------------------- EXIM Begin ------------------------ 


--- Messages history ---

-MsgID: 1JFTon-0003z7-00: 
	2008-01-17 06:26:01 <= root at tempest.evolt.org U=root P=local S=21036
	2008-01-17 06:29:10 lists.evolt.org [67.19.100.195]: Connection timed out
	2008-01-17 06:29:10 == sysadmin at lists.evolt.org T=local_smtp defer (110): Connection timed out
	2008-01-17 06:29:10 failed to open DB file /var/spool/exim/db/retry: File exists
-MsgID: 1JFTon-0003zV-00: 
	2008-01-17 06:26:10 <= root at tempest.evolt.org U=root P=local S=247219
	2008-01-17 06:29:19 lists.evolt.org [67.19.100.195]: Connection timed out
	2008-01-17 06:29:19 == root at lists.evolt.org <root at tempest.evolt.org> T=local_smtp defer (110): Connection timed out
	2008-01-17 06:29:19 failed to open DB file /var/spool/exim/db/retry: File exists
-MsgID: 1JFXDJ-00040U-00: 
	2008-01-17 10:07:15 <= root at tempest.evolt.org U=root P=local S=837
	2008-01-17 10:10:25 lists.evolt.org [67.19.100.195]: Connection timed out
	2008-01-17 10:10:25 == root at lists.evolt.org <root at tempest.evolt.org> T=local_smtp defer (110): Connection timed out
	2008-01-17 10:10:25 failed to open DB file /var/spool/exim/db/retry: File exists
25 messages delivered immediately to 25 total recipients

 ---------------------- EXIM End ------------------------- 


 --------------------- httpd Begin ------------------------ 

1.77 MB transfered in 783 responses  (1xx 0, 2xx 223, 3xx 20, 4xx 540, 5xx 0) 
 99 Images (0.03 MB),
 8 Documents (0.00 MB),
 6 Archives (0.00 MB),
 565 Content pages (1.56 MB),
 26 Program source files (0.15 MB),
 2 mod_proxy connection attempts (0.00 MB),
 77 Other (0.02 MB) 

Attempts to use 1 known hacks were logged 142 time(s)
  phpmyadmin   by 
          216.98.148.34 40 time(s) 
          82.186.49.166 102 time(s) 

Connection attempts using mod_proxy:
   208.254.109.248 -> http://lti-mail01.ltinetworks.com:25 : 2 Time(s)

A total of 2 sites probed the server 
  216.98.148.34  
  82.186.49.166  

A total of 31 unidentified 'other' records logged
  GET /winddancer HTTP/1.0 with response code(s) 1 404 responses
  GET /jeff/code/js_url_variables/index.cfm?foo=bar&far=bo HTTP/1.0 with response code(s) 1 404 responses
  GET http://toolbarqueries.google.co.in/search?sourceid=navclient-ff&features=Rank&client=navclient-auto-ff&googleip=O;null;1047&ch=8de891538&q=info:http%3A%2F%2Fbrowsers.evolt.org%2F%3Fie%2F32bit%2F6.0 HTTP/1.1 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/*checkout*/weo_theme/<?php%20print%20url()%20?> HTTP/1.0 with response code(s) 1 404 responses
  GET /mantruc/blog HTTP/1.0 with response code(s) 1 404 responses
  GET /aleem HTTP/1.1 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/Attic/square-bullet.psd?hideattic=0&view=graph HTTP/1.0 with response code(s) 1 200 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/.cvsignore HTTP/1.1 with response code(s) 1 200 responses
  GET /garrett/site/books/factual HTTP/1.0 with response code(s) 1 404 responses
  - with response code(s) 23 408 responses
  GET /djc HTTP/1.0 with response code(s) 1 404 responses
  GET /signup.cfm HTTP/1.1 with response code(s) 6 404 responses
  GET /mantruc/blog HTTP/1.1 with response code(s) 2 404 responses
  GET /jeff/code/js_url_variables/index.cfm HTTP/1.1 with response code(s) 3 404 responses
  GET /jeff/code/form_to_window/index.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /burhankhalid HTTP/1.1 with response code(s) 2 404 responses
  GET /djc/stdio/index.cfm/daddy/show/mommy/158 HTTP/1.1 with response code(s) 1 404 responses
  GET /jeff/code/preload_n_rollover HTTP/1.1 with response code(s) 6 404 responses
  GET /jeff/code/table_cell_rollover.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /danfascia/index.cfm?case=pneumonia&section=clinical&page=1 HTTP/1.0 with response code(s) 1 404 responses
  GET /StOne HTTP/1.1 with response code(s) 1 404 responses
  GET /jeff/code/dhtml_form_rollover/index.cfm HTTP/1.1 with response code(s) 3 404 responses
  GET /djc/stdio/index.cfm/daddy/show/mommy/1 HTTP/1.0 with response code(s) 1 404 responses
  GET /jeff/code/js_url_variables/index.cfm?foo=bar&far=bo HTTP/1.1 with response code(s) 2 404 responses
  GET /dshadovi/MM_resources.cfm HTTP/1.0 with response code(s) 2 404 responses
  GET /jeff/code/preload_n_rollover/index.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /garrett/site/books/factual HTTP/1.1 with response code(s) 2 404 responses
  GET /index.cfm?menu=8&amp;cid=389&amp;catid=25 HTTP/1.0 with response code(s) 1 404 responses
  GET /deadL0ck HTTP/1.0 with response code(s) 1 404 responses
  GET /tarbyah HTTP/1.1 with response code(s) 1 404 responses
  GET /turkif HTTP/1.1 with response code(s) 1 404 responses

A total of 11 ROBOTS were logged 
      Mozilla/5.0 (compatible; Ask Jeeves/Teoma; +http://about.ask.com/en/docs/about/webmasters.shtml) 1 time(s) 
      Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) 3 time(s) 
      WebAlta Crawler/2.0 (http://www.webalta.net/ru/about_webmaster.html) (Windows; U; Windows NT 5.1; ru-RU) 3 time(s) 
      Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) 4 time(s) 
      Mozilla/5.0 (compatible; BecomeBot/3.0; +http://www.become.com/site_owners.html) 7 time(s) 
      msnbot/1.0 (+http://search.msn.com/msnbot.htm) 3 time(s) 
      Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1) VoilaBot BETA 1.2 (http://www.voila.com/) 2 time(s) 
      Mozilla/4.0 (compatible; MSIE 5.01; Windows NT) 1 time(s) 
      msnbot-media/1.0 (+http://search.msn.com/msnbot.htm) 4 time(s) 
      Speedy Spider (http://www.entireweb.com/about/search_tech/speedy_spider/) 3 time(s) 
      del.icio.us-thumbnails/1.0 Mozilla/5.0 (compatible; Konqueror/3.4; FreeBSD) KHTML/3.4.2 (like Gecko) 1 time(s) 

 ---------------------- httpd End ------------------------- 


 --------------------- Kernel Begin ------------------------ 


1 Time(s): UDP: short packet: 12.96.160.115:53 151/135 to 67.19.100.194:59898
1 Time(s): UDP: short packet: 12.96.160.115:53 152/136 to 67.19.100.194:36769
1 Time(s): UDP: short packet: 12.96.160.115:53 159/143 to 67.19.100.194:58310
1 Time(s): UDP: short packet: 12.96.160.115:53 180/164 to 67.19.100.194:64715
1 Time(s): UDP: short packet: 12.96.160.115:53 188/172 to 67.19.100.194:64715
1 Time(s): UDP: short packet: 12.96.160.115:53 213/197 to 67.19.100.194:41931
1 Time(s): UDP: short packet: 12.96.160.115:53 213/197 to 67.19.100.194:49087
1 Time(s): UDP: short packet: 12.96.160.115:53 213/197 to 67.19.100.194:50616
1 Time(s): UDP: short packet: 12.96.160.115:53 308/292 to 67.19.100.194:46323
1 Time(s): UDP: short packet: 12.96.160.115:53 313/297 to 67.19.100.194:41471
1 Time(s): UDP: short packet: 12.96.160.115:53 313/297 to 67.19.100.194:48177
1 Time(s): UDP: short packet: 12.96.160.115:53 313/297 to 67.19.100.194:57437
1 Time(s): UDP: short packet: 12.96.160.115:53 414/398 to 67.19.100.194:38500
1 Time(s): UDP: short packet: 12.96.160.115:53 414/398 to 67.19.100.194:58201
1 Time(s): UDP: short packet: 12.96.160.115:53 446/430 to 67.19.100.194:40052
1 Time(s): UDP: short packet: 12.96.160.115:53 446/430 to 67.19.100.194:54669
1 Time(s): device eth0 entered promiscuous mode
1 Time(s): device eth0 left promiscuous mode

 ---------------------- Kernel End ------------------------- 


 --------------------- pam_unix Begin ------------------------ 

cron:
   Sessions Opened:
      dkaufman: 1440 Time(s)
      root: 462 Time(s)
      mailman: 316 Time(s)
      www-data: 144 Time(s)
      dmah: 2 Time(s)

sshd:
   Authentication Failures:
      unknown (client-novita-5.zgora.dialog.net.pl): 20 Time(s)
   Invalid Users:
      Unknown Account: 20 Time(s)
   Sessions Opened:
      dmah: 1 Time(s)

su:
   Sessions Opened:
      (uid=0) -> nobody: 1 Time(s)
      dmah(uid=0) -> root: 1 Time(s)


 ---------------------- pam_unix End ------------------------- 


 --------------------- Connections (secure-log) Begin ------------------------ 


**Unmatched Entries**
perl: gethostby*.getanswer: asked for "62.240.152.198.in-addr.arpa IN PTR", got type "39"
perl: gethostby*.getanswer: asked for "67.13.152.198.in-addr.arpa IN PTR", got type "39"
perl: gethostby*.getanswer: asked for "62.240.152.198.in-addr.arpa IN PTR", got type "39"

 ---------------------- Connections (secure-log) End ------------------------- 


 --------------------- sendmail Begin ------------------------ 


ERROR: Could not open /etc/mail/local-host-names

ERROR: Could not open /etc/mail/access


Message Size Distribution:
Range          # Msgs       KBytes
0 - 10k             0            0
10k - 20k           0            0
20k - 50k           0            0
50k - 100k          0            0
100k - 500k         0            0
500k - 1Mb          0            0
1Mb - 2Mb           0            0
2Mb - 5Mb           0            0
5Mb - 10Mb          0            0
10Mb+               0            0
----------------------------------
TOTAL               0            0

 ---------------------- sendmail End ------------------------- 


 --------------------- SSHD Begin ------------------------ 


Couldn't resolve these IPs:
   undefined.crocustelecom.net.ua: 17 Time(s)

Didn't receive an ident from these IPs:
   p508F1EA6.dip0.t-ipconnect.de (80.143.30.166): 1 Time(s)
   undefined.crocustelecom.net.ua (85.159.1.200): 5 Time(s)

Failed logins from these:
   Clara/keyboard-interactive/pam from 62.87.177.21: 5 Time(s)
   Claudia/keyboard-interactive/pam from 62.87.177.21: 4 Time(s)
   Jana/keyboard-interactive/pam from 62.87.177.21: 4 Time(s)
   aaron/password from 81.9.18.198: 3 Time(s)
   achim/keyboard-interactive/pam from 62.87.177.21: 5 Time(s)
   adelbert/keyboard-interactive/pam from 62.87.177.21: 2 Time(s)
   admin/password from 81.9.18.198: 5 Time(s)
   gt05/password from 81.9.18.198: 2 Time(s)
   heidi/password from 85.159.1.200: 5 Time(s)
   oubiwann/password from 85.159.1.200: 5 Time(s)
   root/password from 70.84.57.132: 54 Time(s)
   root/password from 81.9.18.198: 9 Time(s)
   stephanie/password from 81.9.18.198: 1 Time(s)
   steve/password from 85.159.1.200: 2 Time(s)
   stud/password from 81.9.18.198: 5 Time(s)
   test/password from 80.143.30.166: 4 Time(s)
   trash/password from 81.9.18.198: 4 Time(s)
   william/password from 81.9.18.198: 2 Time(s)
   www/password from 85.159.1.200: 5 Time(s)

Illegal users from these:
   Clara/keyboard-interactive/pam from 62.87.177.21: 5 Time(s)
   Clara/none from 62.87.177.21: 5 Time(s)
   Claudia/keyboard-interactive/pam from 62.87.177.21: 4 Time(s)
   Claudia/none from 62.87.177.21: 4 Time(s)
   Jana/keyboard-interactive/pam from 62.87.177.21: 4 Time(s)
   Jana/none from 62.87.177.21: 4 Time(s)
   aaron/none from 81.9.18.198: 3 Time(s)
   aaron/password from 81.9.18.198: 3 Time(s)
   achim/keyboard-interactive/pam from 62.87.177.21: 5 Time(s)
   achim/none from 62.87.177.21: 5 Time(s)
   adelbert/keyboard-interactive/pam from 62.87.177.21: 2 Time(s)
   adelbert/none from 62.87.177.21: 2 Time(s)
   admin/none from 81.9.18.198: 5 Time(s)
   admin/password from 81.9.18.198: 5 Time(s)
   gt05/none from 81.9.18.198: 2 Time(s)
   gt05/password from 81.9.18.198: 2 Time(s)
   heidi/none from 85.159.1.200: 5 Time(s)
   heidi/password from 85.159.1.200: 5 Time(s)
   oubiwann/none from 85.159.1.200: 5 Time(s)
   oubiwann/password from 85.159.1.200: 5 Time(s)
   stephanie/none from 81.9.18.198: 1 Time(s)
   stephanie/password from 81.9.18.198: 1 Time(s)
   steve/none from 85.159.1.200: 2 Time(s)
   steve/password from 85.159.1.200: 2 Time(s)
   stud/none from 81.9.18.198: 5 Time(s)
   stud/password from 81.9.18.198: 5 Time(s)
   test/none from 80.143.30.166: 4 Time(s)
   test/password from 80.143.30.166: 4 Time(s)
   trash/none from 81.9.18.198: 4 Time(s)
   trash/password from 81.9.18.198: 4 Time(s)
   william/none from 81.9.18.198: 2 Time(s)
   william/password from 81.9.18.198: 2 Time(s)
   www/none from 85.159.1.200: 5 Time(s)
   www/password from 85.159.1.200: 5 Time(s)

Users logging in through sshd:
   dmah:
      S010600c049d9e99b.cg.shawcable.net (70.73.105.151): 1 time

Error in PAM authentication:
   User not known to the underlying authentication module for illegal user Clara from client-novita-5.zgora.dialog.net.pl : 5 Time(s)
   User not known to the underlying authentication module for illegal user Claudia from client-novita-5.zgora.dialog.net.pl : 4 Time(s)
   User not known to the underlying authentication module for illegal user Jana from client-novita-5.zgora.dialog.net.pl : 4 Time(s)
   User not known to the underlying authentication module for illegal user achim from client-novita-5.zgora.dialog.net.pl : 5 Time(s)
   User not known to the underlying authentication module for illegal user adelbert from client-novita-5.zgora.dialog.net.pl : 2 Time(s)

**Unmatched Entries**
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER

 ---------------------- SSHD End ------------------------- 


 --------------------- Sudo (secure-log) Begin ------------------------ 

==============================================================================
dmah => root
------------------------------------------------------------------------------
./qmailctl stop
/bin/su -

 ---------------------- Sudo (secure-log) End ------------------------- 


 --------------------- Syslogd Begin ------------------------ 


Syslogd started 1 Time(s)

 ---------------------- Syslogd End ------------------------- 


 --------------------- vpopmail Begin ------------------------ 


No Such User Found:
	@ip26.aleks.com - 1 Time(s)
	info at alber-antriebstechnik.de - 2 Time(s)

**Unmatched Entries**
vchkpw-smtp: invalid user/domain characters cn=mail-sygnet.syspace.co.uk, cn=sygnet.syspace.co.uk, ou=netscape servers, o=fdgroup.co.uk:213.143.10.2

 ---------------------- vpopmail End ------------------------- 



------------------ Disk Space --------------------

/dev/hda3              72G   24G   44G  36% /
/dev/hda1              92M  6.3M   81M   8% /boot


 ###################### LogWatch End ######################### 



