[Sysadmin] LogWatch for tempest

root root at tempest.evolt.org
Sat Jan 19 06:26:27 CST 2008


 ################### LogWatch 5.2.2 (06/23/04) #################### 
       Processing Initiated: Sat Jan 19 06:25:34 2008
       Date Range Processed: yesterday
     Detail Level of Output: 10
          Logfiles for Host: tempest
 ################################################################ 

 --------------------- Cron Begin ------------------------ 

Commands Run:
   User dkaufman:
      /bin/date > $HOME/date.txt: 1440 Time(s)
   User dmah:
      /home/dmah/bin/article_reminder.pl: 1 Time(s)
      /home/dmah/bin/comment_reminder.pl: 1 Time(s)
   User mailman:
      /home/mailman/bin/discardbysubj.pl: 24 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/checkdbs: 1 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/disabled: 1 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/gate_news: 288 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/nightly_gzip: 1 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/senddigests: 1 Time(s)
   User root:
         run-parts --report /etc/cron.hourly: 24 Time(s)
        [ -d /var/lib/php4 ] && find /var/lib/php4/ -type f -cmin +$(/usr/lib/php4/maxlifetime) -print0 | xargs -r -0 rm: 48 Time(s)
      /store/host/browsers.evolt.org/mkarchivesize: 1 Time(s)
      /usr/bin/freshclam --quiet -l /var/log/clam-update.log: 1 Time(s)
      /usr/local/bin/planetupdate 1>/dev/null 2>&1: 24 Time(s)
      /usr/sbin/ntpdate -su us.pool.ntp.org us.pool.ntp.org: 1 Time(s)
      /var/qmail/bin/qmailstats 1>/dev/null 2>/dev/null: 1 Time(s)
      if [ -x /usr/bin/vnstat ] && [ `ls /var/lib/vnstat/ | wc -l` -ge 1 ]; then /usr/bin/vnstat -u; fi: 288 Time(s)
      test -x /usr/sbin/anacron || run-parts --report /etc/cron.daily: 1 Time(s)
      test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt: 1 Time(s)
      wget -O - -q http://evolt.org/cron.php: 72 Time(s)
   User www-data:
      [ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.conf -a -r /var/log/apache/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=awstats -update >/dev/null: 144 Time(s)

 ---------------------- Cron End ------------------------- 


 --------------------- EXIM Begin ------------------------ 


--- Messages history ---

-MsgID: 1JFqHl-0007d2-00: 
	2008-01-18 06:25:25 <= root at tempest.evolt.org U=root P=local S=39467
	2008-01-18 06:28:34 lists.evolt.org [67.19.100.195]: Connection timed out
	2008-01-18 06:28:35 == sysadmin at lists.evolt.org T=local_smtp defer (110): Connection timed out
	2008-01-18 06:28:35 failed to open DB file /var/spool/exim/db/retry: File exists
	2008-01-18 10:25:25 => sysadmin at lists.evolt.org R=passToQmail T=local_smtp H=lists.evolt.org [67.19.100.195]*
	2008-01-18 10:25:25 Completed
-MsgID: 1JFXDJ-00040U-00: 
	2008-01-18 06:25:56 => root at lists.evolt.org <root at tempest.evolt.org> R=passToQmail T=local_smtp H=lists.evolt.org [67.19.100.195]*
	2008-01-18 06:25:56 Completed
-MsgID: 1JFTon-0003zV-00: 
	2008-01-18 06:26:03 => root at lists.evolt.org <root at tempest.evolt.org> R=passToQmail T=local_smtp H=lists.evolt.org [67.19.100.195]*
	2008-01-18 06:26:03 Completed
-MsgID: 1JFTon-0003z7-00: 
	2008-01-18 06:26:04 => sysadmin at lists.evolt.org R=passToQmail T=local_smtp H=lists.evolt.org [67.19.100.195]*
	2008-01-18 06:26:04 Completed
-MsgID: 1JFAcR-0005mF-00: 
	2008-01-18 06:26:05 => root at lists.evolt.org <root at tempest.evolt.org> R=passToQmail T=local_smtp H=lists.evolt.org [67.19.100.195]*
	2008-01-18 06:26:05 Completed
27 messages delivered immediately to 27 total recipients

 ---------------------- EXIM End ------------------------- 


 --------------------- httpd Begin ------------------------ 

1.21 MB transfered in 697 responses  (1xx 0, 2xx 130, 3xx 55, 4xx 512, 5xx 0) 
 72 Images (0.02 MB),
 8 Documents (0.00 MB),
 466 Content pages (0.87 MB),
 26 Redirects (0.00 MB),
 38 Program source files (0.22 MB),
 1 mod_proxy connection attempts (0.00 MB),
 86 Other (0.10 MB) 

Attempts to use 1 known hacks were logged 106 time(s)
  phpmyadmin   by 
          216.98.148.34 15 time(s) 
          66.249.67.36 1 time(s) 
          91.102.66.193 90 time(s) 

Connection attempts using mod_proxy:
   66.17.4.162 -> http://lti-mail01.ltinetworks.com:25 : 1 Time(s)

A total of 3 sites probed the server 
  216.98.148.34  
  66.249.67.36  
  91.102.66.193  

A total of 41 unidentified 'other' records logged
  GET /turkif HTTP/1.0 with response code(s) 1 404 responses
  GET /tweak HTTP/1.1 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/*checkout*/weo_theme/print.module?rev=1.19 HTTP/1.0 with response code(s) 1 200 responses
  GET /jesteruk HTTP/1.1 with response code(s) 1 404 responses
  GET /signup.cfm HTTP/1.1 with response code(s) 2 404 responses
  GET /cgi-bin/viewcvs.cgi/beo_ng/mkarchivesize?rev=1.12&view=log HTTP/1.0 with response code(s) 1 200 responses
  GET /jeff/yahoo.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /frymaster HTTP/1.1 with response code(s) 2 404 responses
  GET /signup.cfm HTTP/1.0 with response code(s) 1 404 responses
  GET /jeff/code/toggle_tablerows.cfm HTTP/1.1 with response code(s) 1 404 responses
  HEAD /jeff/code/preload_n_rollover/index.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /jeff/code/dhtml_form_rollover/index.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /jeff/code/dhtml_form_rollover/index.cfm HTTP/1.0 with response code(s) 1 404 responses
  GET /jeff/code/preload_n_rollover/index.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /dshadovi/traffic.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/dns/org.evolters?rev=1.7 HTTP/1.1 with response code(s) 1 200 responses
  GET /winddancer HTTP/1.0 with response code(s) 1 404 responses
  GET /dshadovi HTTP/1.1 with response code(s) 1 404 responses
  GET /jeff/code/navigator_object/index.cfm HTTP/1.0 with response code(s) 1 404 responses
  GET /mantruc/blog HTTP/1.0 with response code(s) 3 404 responses
  GET /garrett/site/books/factual HTTP/1.0 with response code(s) 1 404 responses
  - with response code(s) 36 408 responses
  GET /burhankhalid/raymond HTTP/1.0 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/dns/org.evolters?rev=1.7&r1=1.4&view=log HTTP/1.0 with response code(s) 1 200 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/print.module HTTP/1.1 with response code(s) 1 200 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/print.module?r1=1.11&r2=1.12 HTTP/1.0 with response code(s) 1 200 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/print.module?rev=1.25&r1=1.17&view=log HTTP/1.0 with response code(s) 1 200 responses
  GET /mantruc/blog HTTP/1.1 with response code(s) 2 404 responses
  GET /jeff/code/js_url_variables/index.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /elfur HTTP/1.1 with response code(s) 1 404 responses
  GET /jeff/code/preload_n_rollover HTTP/1.1 with response code(s) 1 404 responses
  GET /matthewo HTTP/1.1 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/*checkout*/weo_theme/user/register HTTP/1.0 with response code(s) 1 404 responses
  GET /jeff/code/link_accessibility_usability.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /jeff/code/checkbox_check_all.cfm HTTP/1.1 with response code(s) 3 404 responses
  GET /garrett/site/books/factual HTTP/1.1 with response code(s) 3 404 responses
  GET /burhankhalid HTTP/1.0 with response code(s) 1 404 responses
  GET /jswiders/]. HTTP/1.0 with response code(s) 1 404 responses
  GET /jeff/code/capture_window/index.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /simonc/php/bookmarklet.phps HTTP/1.1 with response code(s) 1 404 responses
  GET /turkif HTTP/1.1 with response code(s) 2 404 responses

A total of 12 ROBOTS were logged 
      Mozilla/5.0 (compatible; Ask Jeeves/Teoma; +http://about.ask.com/en/docs/about/webmasters.shtml) 3 time(s) 
      Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) 8 time(s) 
      WebAlta Crawler/2.0 (http://www.webalta.net/ru/about_webmaster.html) (Windows; U; Windows NT 5.1; ru-RU) 3 time(s) 
      Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) 4 time(s) 
      Mozilla/5.0 (compatible; BecomeBot/3.0; +http://www.become.com/site_owners.html) 1 time(s) 
      Mozilla/2.0 (compatible; Ask Jeeves/Teoma) 1 time(s) 
      holmes/3.12 (OnetSzukaj/5.0; +http://szukaj.onet.pl) 1 time(s) 
      msnbot/1.0 (+http://search.msn.com/msnbot.htm) 10 time(s) 
      Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1) VoilaBot BETA 1.2 (http://www.voila.com/) 2 time(s) 
      msnbot-media/1.0 (+http://search.msn.com/msnbot.htm) 8 time(s) 
      Speedy Spider (http://www.entireweb.com/about/search_tech/speedy_spider/) 1 time(s) 
      WebImages 0.3 ( http://herbert.groot.jebbink.nl/?app=WebImages ) 1 time(s) 

 ---------------------- httpd End ------------------------- 


 --------------------- Kernel Begin ------------------------ 


1 Time(s): device eth0 entered promiscuous mode
1 Time(s): device eth0 left promiscuous mode
3 Time(s): sending pkt_too_big (len[1500] pmtu[1496]) to self

 ---------------------- Kernel End ------------------------- 


 --------------------- pam_unix Begin ------------------------ 

cron:
   Sessions Opened:
      dkaufman: 1440 Time(s)
      root: 462 Time(s)
      mailman: 316 Time(s)
      www-data: 144 Time(s)
      dmah: 2 Time(s)

su:
   Sessions Opened:
      (uid=0) -> nobody: 1 Time(s)


 ---------------------- pam_unix End ------------------------- 


 --------------------- Connections (secure-log) Begin ------------------------ 


**Unmatched Entries**
perl: gethostby*.getanswer: asked for "67.13.152.198.in-addr.arpa IN PTR", got type "39"
perl: gethostby*.getanswer: asked for "2.70.152.198.in-addr.arpa IN PTR", got type "39"

 ---------------------- Connections (secure-log) End ------------------------- 


 --------------------- sendmail Begin ------------------------ 


ERROR: Could not open /etc/mail/local-host-names

ERROR: Could not open /etc/mail/access


Message Size Distribution:
Range          # Msgs       KBytes
0 - 10k             0            0
10k - 20k           0            0
20k - 50k           0            0
50k - 100k          0            0
100k - 500k         0            0
500k - 1Mb          0            0
1Mb - 2Mb           0            0
2Mb - 5Mb           0            0
5Mb - 10Mb          0            0
10Mb+               0            0
----------------------------------
TOTAL               0            0

 ---------------------- sendmail End ------------------------- 


 --------------------- SSHD Begin ------------------------ 


Didn't receive an ident from these IPs:
   dsl-245-111-100.telkomadsl.co.za (41.245.111.100): 1 Time(s)

Failed logins from these:
   alias/password from 41.245.111.100: 1 Time(s)
   office/password from 41.245.111.100: 1 Time(s)
   recruit/password from 41.245.111.100: 1 Time(s)
   sales/password from 41.245.111.100: 1 Time(s)
   samba/password from 41.245.111.100: 1 Time(s)
   staff/password from 41.245.111.100: 1 Time(s)
   tomcat/password from 41.245.111.100: 1 Time(s)

Illegal users from these:
   alias/password from 41.245.111.100: 1 Time(s)
   office/none from 41.245.111.100: 1 Time(s)
   office/password from 41.245.111.100: 1 Time(s)
   recruit/none from 41.245.111.100: 1 Time(s)
   recruit/password from 41.245.111.100: 1 Time(s)
   sales/none from 41.245.111.100: 1 Time(s)
   sales/password from 41.245.111.100: 1 Time(s)
   samba/none from 41.245.111.100: 1 Time(s)
   samba/password from 41.245.111.100: 1 Time(s)
   staff/none from 41.245.111.100: 1 Time(s)
   staff/password from 41.245.111.100: 1 Time(s)
   tomcat/none from 41.245.111.100: 1 Time(s)
   tomcat/password from 41.245.111.100: 1 Time(s)

User login attempt failed because:
   shell /sbin/nologin does not exist:
      alias : 1 Time(s)

**Unmatched Entries**
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER

 ---------------------- SSHD End ------------------------- 


 --------------------- Syslogd Begin ------------------------ 


Syslogd started 1 Time(s)

 ---------------------- Syslogd End ------------------------- 


 --------------------- vpopmail Begin ------------------------ 


No Such User Found:
	ho85492 at bigpond.net.au - 1 Time(s)

 ---------------------- vpopmail End ------------------------- 



------------------ Disk Space --------------------

/dev/hda3              72G   25G   44G  36% /
/dev/hda1              92M  6.3M   81M   8% /boot


 ###################### LogWatch End ######################### 



