[Sysadmin] LogWatch for tempest

root root at tempest.evolt.org
Sun Jan 20 06:25:47 CST 2008


 ################### LogWatch 5.2.2 (06/23/04) #################### 
       Processing Initiated: Sun Jan 20 06:25:12 2008
       Date Range Processed: yesterday
     Detail Level of Output: 10
          Logfiles for Host: tempest
 ################################################################ 

 --------------------- Cron Begin ------------------------ 

Commands Run:
   User dkaufman:
      /bin/date > $HOME/date.txt: 1440 Time(s)
   User dmah:
      /home/dmah/bin/article_reminder.pl: 1 Time(s)
      /home/dmah/bin/comment_reminder.pl: 1 Time(s)
   User mailman:
      /home/mailman/bin/discardbysubj.pl: 24 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/checkdbs: 1 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/disabled: 1 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/gate_news: 288 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/nightly_gzip: 1 Time(s)
      /usr/bin/python -S /home/mailman/lists.evolt.org/cron/senddigests: 1 Time(s)
   User root:
         run-parts --report /etc/cron.hourly: 24 Time(s)
        [ -d /var/lib/php4 ] && find /var/lib/php4/ -type f -cmin +$(/usr/lib/php4/maxlifetime) -print0 | xargs -r -0 rm: 48 Time(s)
      /store/host/browsers.evolt.org/mkarchivesize: 1 Time(s)
      /usr/bin/freshclam --quiet -l /var/log/clam-update.log: 1 Time(s)
      /usr/local/bin/planetupdate 1>/dev/null 2>&1: 24 Time(s)
      /usr/sbin/ntpdate -su us.pool.ntp.org us.pool.ntp.org: 1 Time(s)
      /var/qmail/bin/qmailstats 1>/dev/null 2>/dev/null: 1 Time(s)
      if [ -x /usr/bin/vnstat ] && [ `ls /var/lib/vnstat/ | wc -l` -ge 1 ]; then /usr/bin/vnstat -u; fi: 288 Time(s)
      test -x /usr/sbin/anacron || run-parts --report /etc/cron.daily: 1 Time(s)
      test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt: 1 Time(s)
      wget -O - -q http://evolt.org/cron.php: 72 Time(s)
   User www-data:
      [ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.conf -a -r /var/log/apache/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=awstats -update >/dev/null: 144 Time(s)

 ---------------------- Cron End ------------------------- 


 --------------------- EXIM Begin ------------------------ 


--- Messages history ---

28 messages delivered immediately to 28 total recipients

 ---------------------- EXIM End ------------------------- 


 --------------------- httpd Begin ------------------------ 

1.25 MB transfered in 525 responses  (1xx 0, 2xx 120, 3xx 10, 4xx 395, 5xx 0) 
 49 Images (0.01 MB),
 8 Documents (0.00 MB),
 2 Archives (0.01 MB),
 326 Content pages (0.88 MB),
 31 Program source files (0.22 MB),
 2 mod_proxy connection attempts (0.00 MB),
 107 Other (0.12 MB) 

Connection attempts using mod_proxy:
   208.254.109.248 -> http://lti-mail01.ltinetworks.com:25 : 1 Time(s)
   66.17.4.162 -> http://lti-mail01.ltinetworks.com:25 : 1 Time(s)

A total of 56 unidentified 'other' records logged
  GET /turkif HTTP/1.0 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/6alt_rating05.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/6alt_rating06.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /jeff/code/js_url_variables/index.cfm?foo=bar&far=boo&cfid=1235908&cftoken=14598715 HTTP/1.1 with response code(s) 2 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/6alt_rating07.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /tos.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /signup.cfm HTTP/1.1 with response code(s) 3 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/6alt_rating03.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/6alt_rating04.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /shaggy/javascript/create_slideshow HTTP/1.0 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/6alt_rating02.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /jeff/code/table_cell_rollover.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /jswiders HTTP/1.1 with response code(s) 1 404 responses
  GET /signup.cfm HTTP/1.0 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_html/evoltorg.psd?rev=1.1&content-type=text/vnd.viewcvs-markup HTTP/1.0 with response code(s) 1 200 responses
  GET /tweak HTTP/1.0 with response code(s) 1 404 responses
  GET /jeff/code/dhtml_form_rollover/index.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1 with response code(s) 6 400 responses
  GET /dshadovi/cf_two_selects.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/6alt_rating11.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /jeff/code/dhtml_form_rollover/index.cfm HTTP/1.0 with response code(s) 2 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/bluecube.gif?rev=1.5 HTTP/1.1 with response code(s) 1 200 responses
  HEAD /jeff/code/rank_select.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /jeff/code/js_url_variables/index.cfm?foo=bar&far=bo HTTP/1.1 with response code(s) 1 404 responses
  GET /marlene/DC2000 HTTP/1.0 with response code(s) 1 404 responses
  GET /signup.cfm%C2%A0%C2%A0 HTTP/1.1 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/6alt_rating12.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /index.cfm?menu=8&cid=389&catid=25 HTTP/1.0 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/nostar.gif?rev=1.3 HTTP/1.1 with response code(s) 1 200 responses
  GET /rudy HTTP/1.1 with response code(s) 1 404 responses
  GET /dshadovi/cf_columnlist/cf_columnlist_example.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /jeff/code/rank_select.cfm HTTP/1.0 with response code(s) 1 404 responses
  GET /mantruc/blog HTTP/1.0 with response code(s) 4 404 responses
  GET /burhankhalid/raymond HTTP/1.0 with response code(s) 1 404 responses
  - with response code(s) 32 408 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/star.gif?rev=1.3 HTTP/1.1 with response code(s) 1 200 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/redcube.gif?rev=1.5 HTTP/1.1 with response code(s) 1 200 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/evoltorg.gif?rev=1.3 HTTP/1.1 with response code(s) 1 200 responses
  GET /jeff/code/preload_n_rollover HTTP/1.1 with response code(s) 5 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/6alt_rating10.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /dshadovi/MM_resources.cfm HTTP/1.1 with response code(s) 1 404 responses
  GET /Making_clean_URLs_with_Apache_and_PHP?from=50&... with response code(s) 4 414 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/6alt_rating09.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /jeff/code/user_defined_colors.cfm HTTP/1.0 with response code(s) 1 404 responses
  GET /arijit HTTP/1.1 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/print.module?rev=1.10&view=markup HTTP/1.0 with response code(s) 1 200 responses
  GET /djc HTTP/1.1 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/goldcube.gif?rev=1.9 HTTP/1.1 with response code(s) 1 200 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/6alt_rating08.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/workcube.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /garrett/site/books/factual HTTP/1.1 with response code(s) 2 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/greencube.gif?rev=1.5 HTTP/1.1 with response code(s) 1 200 responses
  GET /lindsay/nav HTTP/1.0 with response code(s) 1 404 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/6alt_rating01.gif?rev=1.2 HTTP/1.1 with response code(s) 1 200 responses
  GET /cgi-bin/viewcvs.cgi/weo_theme/screenshot.png?rev=1.3 HTTP/1.1 with response code(s) 1 200 responses
  GET /turkif HTTP/1.1 with response code(s) 1 404 responses

A total of 11 ROBOTS were logged 
      Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) 3 time(s) 
      WebAlta Crawler/2.0 (http://www.webalta.net/ru/about_webmaster.html) (Windows; U; Windows NT 5.1; ru-RU) 4 time(s) 
      Mozilla/5.0 (compatible; heritrix/1.12.0 +http://seekda.com) 1 time(s) 
      Mozilla/5.0 (compatible; BecomeBot/3.0; +http://www.become.com/site_owners.html) 1 time(s) 
      Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) 3 time(s) 
      Mozilla/2.0 (compatible; Ask Jeeves/Teoma) 1 time(s) 
      msnbot/1.0 (+http://search.msn.com/msnbot.htm) 10 time(s) 
      Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html) 1 time(s) 
      msnbot-media/1.0 (+http://search.msn.com/msnbot.htm) 7 time(s) 
      larbin_2.6.3 (larbin2.6.3 at unspecified.mail) 1 time(s) 
      Speedy Spider (http://www.entireweb.com/about/search_tech/speedy_spider/) 1 time(s) 

 ---------------------- httpd End ------------------------- 


 --------------------- Kernel Begin ------------------------ 


2 Time(s): NET: 1 messages suppressed.
2 Time(s): NET: 10 messages suppressed.
2 Time(s): NET: 11 messages suppressed.
3 Time(s): NET: 12 messages suppressed.
2 Time(s): NET: 13 messages suppressed.
1 Time(s): NET: 15 messages suppressed.
2 Time(s): NET: 17 messages suppressed.
2 Time(s): NET: 18 messages suppressed.
2 Time(s): NET: 19 messages suppressed.
1 Time(s): NET: 2 messages suppressed.
1 Time(s): NET: 20 messages suppressed.
1 Time(s): NET: 22 messages suppressed.
2 Time(s): NET: 23 messages suppressed.
1 Time(s): NET: 25 messages suppressed.
1 Time(s): NET: 26 messages suppressed.
3 Time(s): NET: 27 messages suppressed.
2 Time(s): NET: 28 messages suppressed.
1 Time(s): NET: 29 messages suppressed.
1 Time(s): NET: 31 messages suppressed.
2 Time(s): NET: 32 messages suppressed.
1 Time(s): NET: 33 messages suppressed.
1 Time(s): NET: 35 messages suppressed.
2 Time(s): NET: 37 messages suppressed.
1 Time(s): NET: 38 messages suppressed.
1 Time(s): NET: 4 messages suppressed.
1 Time(s): NET: 43 messages suppressed.
1 Time(s): NET: 45 messages suppressed.
3 Time(s): NET: 49 messages suppressed.
1 Time(s): NET: 5 messages suppressed.
1 Time(s): NET: 54 messages suppressed.
1 Time(s): NET: 55 messages suppressed.
1 Time(s): NET: 57 messages suppressed.
2 Time(s): NET: 6 messages suppressed.
1 Time(s): NET: 61 messages suppressed.
2 Time(s): NET: 67 messages suppressed.
2 Time(s): NET: 7 messages suppressed.
1 Time(s): NET: 72 messages suppressed.
1 Time(s): NET: 77 messages suppressed.
1 Time(s): NET: 82 messages suppressed.
1 Time(s): NET: 86 messages suppressed.
1 Time(s): NET: 9 messages suppressed.
1 Time(s): NET: 98 messages suppressed.
1 Time(s): TCP: drop open request from 12.173.117.98/64816
1 Time(s): TCP: drop open request from 124.34.5.99/33615
1 Time(s): TCP: drop open request from 128.100.132.43/50269
1 Time(s): TCP: drop open request from 134.114.96.39/57042
1 Time(s): TCP: drop open request from 135.196.68.32/32991
1 Time(s): TCP: drop open request from 143.90.14.75/57717
1 Time(s): TCP: drop open request from 157.205.253.195/50301
1 Time(s): TCP: drop open request from 165.76.8.42/36849
1 Time(s): TCP: drop open request from 166.70.122.99/33718
1 Time(s): TCP: drop open request from 193.109.232.225/50253
1 Time(s): TCP: drop open request from 193.194.138.163/37202
1 Time(s): TCP: drop open request from 193.252.22.157/21161
1 Time(s): TCP: drop open request from 193.252.23.21/60259
1 Time(s): TCP: drop open request from 193.254.184.229/44639
1 Time(s): TCP: drop open request from 194.151.226.98/26224
1 Time(s): TCP: drop open request from 194.171.167.220/34785
1 Time(s): TCP: drop open request from 194.242.61.19/60084
1 Time(s): TCP: drop open request from 194.83.243.6/59200
1 Time(s): TCP: drop open request from 195.227.241.1/49619
1 Time(s): TCP: drop open request from 195.243.151.74/52083
1 Time(s): TCP: drop open request from 195.8.232.221/40291
1 Time(s): TCP: drop open request from 195.8.80.20/44708
1 Time(s): TCP: drop open request from 195.95.168.200/8263
1 Time(s): TCP: drop open request from 201.224.86.98/19867
1 Time(s): TCP: drop open request from 202.45.164.59/40748
1 Time(s): TCP: drop open request from 203.174.69.163/33188
1 Time(s): TCP: drop open request from 203.190.60.202/44067
1 Time(s): TCP: drop open request from 204.62.236.25/1815
1 Time(s): TCP: drop open request from 205.147.247.183/4223
1 Time(s): TCP: drop open request from 207.154.75.222/8231
1 Time(s): TCP: drop open request from 207.5.128.131/58045
1 Time(s): TCP: drop open request from 207.58.159.134/1920
1 Time(s): TCP: drop open request from 209.68.1.176/55951
1 Time(s): TCP: drop open request from 209.80.45.3/59997
1 Time(s): TCP: drop open request from 210.138.145.113/35741
1 Time(s): TCP: drop open request from 210.150.29.230/46196
1 Time(s): TCP: drop open request from 210.193.145.27/43676
1 Time(s): TCP: drop open request from 211.0.149.130/2823
1 Time(s): TCP: drop open request from 211.12.22.131/48443
1 Time(s): TCP: drop open request from 211.12.22.131/48444
1 Time(s): TCP: drop open request from 211.9.33.6/57180
1 Time(s): TCP: drop open request from 212.177.170.118/58335
1 Time(s): TCP: drop open request from 212.227.15.26/49500
1 Time(s): TCP: drop open request from 212.27.35.141/50155
1 Time(s): TCP: drop open request from 213.191.73.26/43710
1 Time(s): TCP: drop open request from 213.191.73.26/43712
1 Time(s): TCP: drop open request from 213.191.73.26/43745
1 Time(s): TCP: drop open request from 213.194.149.215/47074
1 Time(s): TCP: drop open request from 213.79.40.176/30802
1 Time(s): TCP: drop open request from 213.94.209.178/2898
1 Time(s): TCP: drop open request from 216.126.201.71/37060
1 Time(s): TCP: drop open request from 216.23.168.198/57397
1 Time(s): TCP: drop open request from 217.147.87.115/35781
1 Time(s): TCP: drop open request from 219.166.242.106/4556
1 Time(s): TCP: drop open request from 220.152.32.167/44075
1 Time(s): TCP: drop open request from 222.15.69.197/15337
1 Time(s): TCP: drop open request from 222.231.3.17/54718
1 Time(s): TCP: drop open request from 222.231.3.18/63520
1 Time(s): TCP: drop open request from 24.123.64.49/36722
1 Time(s): TCP: drop open request from 24.28.204.22/41885
1 Time(s): TCP: drop open request from 62.157.157.66/59368
1 Time(s): TCP: drop open request from 62.168.11.174/35074
1 Time(s): TCP: drop open request from 62.189.58.14/35432
1 Time(s): TCP: drop open request from 62.4.16.106/61587
1 Time(s): TCP: drop open request from 64.233.184.240/2072
1 Time(s): TCP: drop open request from 64.246.18.22/51668
1 Time(s): TCP: drop open request from 64.53.34.98/53831
1 Time(s): TCP: drop open request from 65.124.59.137/4054
1 Time(s): TCP: drop open request from 65.36.215.101/53787
1 Time(s): TCP: drop open request from 65.83.4.162/19816
1 Time(s): TCP: drop open request from 66.103.20.103/47524
1 Time(s): TCP: drop open request from 66.220.1.29/59231
1 Time(s): TCP: drop open request from 66.244.250.104/58223
1 Time(s): TCP: drop open request from 66.98.198.98/53189
1 Time(s): TCP: drop open request from 67.110.181.99/50604
1 Time(s): TCP: drop open request from 69.129.66.242/35836
1 Time(s): TCP: drop open request from 69.20.11.92/54621
1 Time(s): TCP: drop open request from 69.93.190.50/33555
1 Time(s): TCP: drop open request from 71.42.114.62/22006
1 Time(s): TCP: drop open request from 72.3.243.237/56330
1 Time(s): TCP: drop open request from 74.41.18.50/29328
1 Time(s): TCP: drop open request from 74.52.237.82/59372
1 Time(s): TCP: drop open request from 74.8.102.30/26037
1 Time(s): TCP: drop open request from 74.94.208.141/1149
1 Time(s): TCP: drop open request from 80.65.232.115/46275
1 Time(s): TCP: drop open request from 80.94.35.224/39234
1 Time(s): TCP: drop open request from 81.169.176.15/51727
1 Time(s): TCP: drop open request from 82.92.88.92/57184
1 Time(s): TCP: drop open request from 83.235.174.230/25644
1 Time(s): TCP: drop open request from 84.220.84.105/2367
1 Time(s): TCP: drop open request from 84.59.237.223/4299
1 Time(s): TCP: drop open request from 85.43.125.74/23849
1 Time(s): TCP: drop open request from 89.84.2.134/58517
1 Time(s): UDP: bad checksum. From 12.96.160.108:53 to 67.19.100.194:29573 ulen 167
1 Time(s): UDP: short packet: 12.96.160.115:53 178/162 to 67.19.100.194:64715
1 Time(s): UDP: short packet: 12.96.160.115:53 215/199 to 67.19.100.194:64715
1 Time(s): UDP: short packet: 12.96.160.115:53 219/203 to 67.19.100.194:64715
1 Time(s): UDP: short packet: 12.96.160.115:53 222/206 to 67.19.100.194:49725
1 Time(s): UDP: short packet: 12.96.160.115:53 241/225 to 67.19.100.194:15093
1 Time(s): UDP: short packet: 12.96.160.115:53 244/228 to 67.19.100.194:64715
1 Time(s): UDP: short packet: 12.96.160.115:53 316/300 to 67.19.100.194:34602
1 Time(s): UDP: short packet: 12.96.160.115:53 54/38 to 67.19.100.194:51425
1 Time(s): device eth0 entered promiscuous mode
1 Time(s): device eth0 left promiscuous mode

 ---------------------- Kernel End ------------------------- 


 --------------------- pam_unix Begin ------------------------ 

cron:
   Sessions Opened:
      dkaufman: 1440 Time(s)
      root: 462 Time(s)
      mailman: 316 Time(s)
      www-data: 144 Time(s)
      dmah: 2 Time(s)

sshd:
   Authentication Failures:
      root (host-148-117-2-96.midco.net): 242 Time(s)
      unknown (host-148-117-2-96.midco.net): 4 Time(s)
   Invalid Users:
      Unknown Account: 4 Time(s)

su:
   Sessions Opened:
      (uid=0) -> nobody: 1 Time(s)


 ---------------------- pam_unix End ------------------------- 


 --------------------- sendmail Begin ------------------------ 


ERROR: Could not open /etc/mail/local-host-names

ERROR: Could not open /etc/mail/access


Message Size Distribution:
Range          # Msgs       KBytes
0 - 10k             0            0
10k - 20k           0            0
20k - 50k           0            0
50k - 100k          0            0
100k - 500k         0            0
500k - 1Mb          0            0
1Mb - 2Mb           0            0
2Mb - 5Mb           0            0
5Mb - 10Mb          0            0
10Mb+               0            0
----------------------------------
TOTAL               0            0

 ---------------------- sendmail End ------------------------- 


 --------------------- SSHD Begin ------------------------ 


Couldn't resolve these IPs:
   static-ip-55-15-148-203.anlai.com: 23 Time(s)

Didn't receive an ident from these IPs:
   200-161-89-34.dsl.telesp.net.br (200.161.89.34): 5 Time(s)
   203.38.49.139: 5 Time(s)
   211.210.38.22: 5 Time(s)
   static-ip-55-15-148-203.anlai.com (203.148.15.55): 5 Time(s)

Failed logins from these:
   admin/password from 203.148.15.55: 10 Time(s)
   amber/keyboard-interactive/pam from 96.2.117.148: 1 Time(s)
   andrew/password from 211.210.38.22: 1 Time(s)
   apple/password from 200.161.89.34: 4 Time(s)
   apple/password from 211.210.38.22: 1 Time(s)
   brian/password from 211.210.38.22: 1 Time(s)
   eaguilar/password from 203.38.49.139: 5 Time(s)
   erin/keyboard-interactive/pam from 96.2.117.148: 1 Time(s)
   magazine/password from 200.161.89.34: 1 Time(s)
   magazine/password from 211.210.38.22: 1 Time(s)
   newsroom/password from 211.210.38.22: 1 Time(s)
   root/password from 200.161.89.34: 13 Time(s)
   root/password from 203.148.15.55: 10 Time(s)
   root/password from 211.210.38.22: 6 Time(s)
   stud/password from 203.148.15.55: 3 Time(s)
   tracy/keyboard-interactive/pam from 96.2.117.148: 1 Time(s)
   vivian/keyboard-interactive/pam from 96.2.117.148: 1 Time(s)

Illegal users from these:
   admin/none from 203.148.15.55: 10 Time(s)
   admin/password from 203.148.15.55: 10 Time(s)
   amber/keyboard-interactive/pam from 96.2.117.148: 1 Time(s)
   amber/none from 96.2.117.148: 1 Time(s)
   andrew/none from 211.210.38.22: 1 Time(s)
   andrew/password from 211.210.38.22: 1 Time(s)
   apple/none from 200.161.89.34: 4 Time(s)
   apple/none from 211.210.38.22: 1 Time(s)
   apple/password from 200.161.89.34: 4 Time(s)
   apple/password from 211.210.38.22: 1 Time(s)
   brian/none from 211.210.38.22: 1 Time(s)
   brian/password from 211.210.38.22: 1 Time(s)
   eaguilar/none from 203.38.49.139: 5 Time(s)
   eaguilar/password from 203.38.49.139: 5 Time(s)
   erin/keyboard-interactive/pam from 96.2.117.148: 1 Time(s)
   erin/none from 96.2.117.148: 1 Time(s)
   magazine/none from 200.161.89.34: 1 Time(s)
   magazine/none from 211.210.38.22: 1 Time(s)
   magazine/password from 200.161.89.34: 1 Time(s)
   magazine/password from 211.210.38.22: 1 Time(s)
   newsroom/none from 211.210.38.22: 1 Time(s)
   newsroom/password from 211.210.38.22: 1 Time(s)
   stud/none from 203.148.15.55: 3 Time(s)
   stud/password from 203.148.15.55: 3 Time(s)
   tracy/keyboard-interactive/pam from 96.2.117.148: 1 Time(s)
   tracy/none from 96.2.117.148: 1 Time(s)
   vivian/keyboard-interactive/pam from 96.2.117.148: 1 Time(s)
   vivian/none from 96.2.117.148: 1 Time(s)

Error in PAM authentication:
   Authentication failure for root from host-148-117-2-96.midco.net : 242 Time(s)
   User not known to the underlying authentication module for illegal user amber from host-148-117-2-96.midco.net : 1 Time(s)
   User not known to the underlying authentication module for illegal user erin from host-148-117-2-96.midco.net : 1 Time(s)
   User not known to the underlying authentication module for illegal user tracy from host-148-117-2-96.midco.net : 1 Time(s)
   User not known to the underlying authentication module for illegal user vivian from host-148-117-2-96.midco.net : 1 Time(s)

**Unmatched Entries**
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER

 ---------------------- SSHD End ------------------------- 


 --------------------- Syslogd Begin ------------------------ 


Syslogd started 1 Time(s)

 ---------------------- Syslogd End ------------------------- 


 --------------------- vpopmail Begin ------------------------ 


No Such User Found:
	@vendormail.prime-vendor.com - 1 Time(s)
	username@ - 1 Time(s)

 ---------------------- vpopmail End ------------------------- 



------------------ Disk Space --------------------

/dev/hda3              72G   25G   44G  36% /
/dev/hda1              92M  6.3M   81M   8% /boot


 ###################### LogWatch End ######################### 



