[Sysadmin] LogWatch for tempest
root
root at tempest.evolt.org
Wed Oct 7 06:25:29 CDT 2009
################### LogWatch 5.2.2 (06/23/04) ####################
Processing Initiated: Wed Oct 7 06:25:14 2009
Date Range Processed: yesterday
Detail Level of Output: 10
Logfiles for Host: tempest
################################################################
--------------------- Cron Begin ------------------------
Commands Run:
User dmah:
/home/dmah/bin/article_reminder.pl: 1 Time(s)
/home/dmah/bin/comment_reminder.pl: 1 Time(s)
User mailman:
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/checkdbs: 1 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/disabled: 1 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/gate_news: 288 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/nightly_gzip: 1 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/senddigests: 1 Time(s)
User neuro:
~neuro/beo/oldbeo/mkarchivesize >/dev/null 2>&1: 1 Time(s)
User root:
run-parts --report /etc/cron.hourly: 24 Time(s)
[ -d /var/lib/php4 ] && find /var/lib/php4/ -type f -cmin +$(/usr/lib/php4/maxlifetime) -print0 | xargs -r -0 rm: 48 Time(s)
/store/host/browsers.evolt.org/mkarchivesize: 1 Time(s)
/usr/bin/freshclam --quiet -l /var/log/clam-update.log: 1 Time(s)
/usr/sbin/ntpdate -su us.pool.ntp.org us.pool.ntp.org: 1 Time(s)
/var/qmail/bin/qmailstats 1>/dev/null 2>/dev/null: 1 Time(s)
if [ -x /usr/bin/vnstat ] && [ `ls /var/lib/vnstat/ | wc -l` -ge 1 ]; then /usr/bin/vnstat -u; fi: 288 Time(s)
test -x /usr/sbin/anacron || run-parts --report /etc/cron.daily: 1 Time(s)
test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt: 1 Time(s)
User www-data:
[ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.conf -a -r /var/log/apache/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=awstats -update >/dev/null: 144 Time(s)
---------------------- Cron End -------------------------
--------------------- EXIM Begin ------------------------
--- Messages history ---
-MsgID: 1Mv9ht-0001am-00:
2009-10-06 08:09:57 <= root at tempest.evolt.org U=root P=local S=902
2009-10-06 08:13:08 lists.evolt.org [67.19.100.195]: Connection timed out
2009-10-06 08:13:08 == root at lists.evolt.org <root at tempest.evolt.org> T=local_smtp defer (110): Connection timed out
2009-10-06 08:13:08 failed to open DB file /var/spool/exim/db/retry: File exists
2 messages delivered immediately to 2 total recipients
---------------------- EXIM End -------------------------
--------------------- httpd Begin ------------------------
0.10 MB transfered in 660 responses (1xx 0, 2xx 3, 3xx 278, 4xx 379, 5xx 0)
32 Images (0.01 MB),
7 Documents (0.00 MB),
2 Archives (0.00 MB),
1 Movies files (0.00 MB),
455 Content pages (0.05 MB),
163 Other (0.04 MB)
Attempts to use 1 known hacks were logged 7 time(s)
phpmyadmin by
195.69.226.71 6 time(s)
208.115.111.245 1 time(s)
A total of 2 sites probed the server
195.69.226.71
208.115.111.245
A total of 61 unidentified 'other' records logged
GET /cgi-bin/viewcvs.cgi/weo_theme/atom03.gif?rev=1.1&hideattic=0&sortby=date&view=auto HTTP/1.0 with response code(s) 1 404 responses
GET /signup.cfm;\"?action=viewpro&uid=207752?authorid=207752?op=NewMedia HTTP/1.0 with response code(s) 3 404 responses
GET /signup.cfm;\"?club=3&groupid=111:10024&messageid=347106\")\" HTTP/1.0 with response code(s) 3 404 responses
GET /php_login_script_with_remember_me_feature#comment-67600 HTTP/1.1 with response code(s) 3 404 responses
GET /djc/stdio/index.cfm/daddy/show/mommy/40 HTTP/1.1 with response code(s) 1 404 responses
GET /signup.cfm;\"?club=3&groupid=111:10024&messageid=347106\")\"?op=NewMedia HTTP/1.0 with response code(s) 3 404 responses
GET /signup.cfm;\"?action=viewpro&uid=207752?authorid=207752 HTTP/1.0 with response code(s) 3 404 responses
GET /mccreath/potatosalad/archives/~amnsnow.mpe HTTP/1.1 with response code(s) 1 404 responses
GET /jeff/code/chmod.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /signup.cfm HTTP/1.1 with response code(s) 5 404 responses
GET /cgi-bin/viewcvs.cgi/beo_ng/beodl/Attic/mirrors-withdeouk.csv?hideattic=0&sortby=author&sortdir=down&view=graph HTTP/1.0 with response code(s) 1 404 responses
GET /signup.cfm;\"?club=3&groupid=111:10024&messageid=347106\")\"?authorid=207752 HTTP/1.0 with response code(s) 3 404 responses
GET /signup.cfm;\"?action=viewpro&uid=207752?op=NewMedia HTTP/1.0 with response code(s) 3 404 responses
GET /jswiders HTTP/1.1 with response code(s) 2 404 responses
GET /signup.cfm HTTP/1.0 with response code(s) 3 404 responses
GET /signup.cfm;\"?club=3&groupid=111:10024&messageid=347106\")\"?club=3&groupid=111:10024&messageid=347106\")\"?club=3&groupid=111:10024&messageid=347106\")\" HTTP/1.0 with response code(s) 3 404 responses
GET //node/28241 HTTP/1.1 with response code(s) 3 404 responses
GET /winddancer HTTP/1.1 with response code(s) 1 404 responses
GET /mwarden HTTP/1.1 with response code(s) 1 404 responses
GET /jeff/code/dhtml_form_rollover/index.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1 with response code(s) 14 400 responses
GET /w00tw00t.at.ISC.SANS.test0:) HTTP/1.1 with response code(s) 3 400 responses
GET /php_login_script_with_remember_me_feature#comment-67601 HTTP/1.1 with response code(s) 3 404 responses
GET /signup.cfm;\"?action=viewpro&uid=207752 HTTP/1.0 with response code(s) 3 404 responses
GET /signup.cfm;\"?authorid=207752?action=viewpro&uid=207752 HTTP/1.0 with response code(s) 3 404 responses
GET /signup.cfm;\" HTTP/1.0 with response code(s) 3 404 responses
GET /signup.cfm;\"?authorid=207752?op=NewMedia HTTP/1.0 with response code(s) 3 404 responses
GET /dshadovi/traffic.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /PHP-Login-System-with-Admin-Features#comment-67575 HTTP/1.1 with response code(s) 3 404 responses
GET /signup.cfm;\"?club=3&groupid=111:10024&messageid=347106\")\"?club=3&groupid=111:10024&messageid=347106\")\" HTTP/1.0 with response code(s) 3 404 responses
GET /cgi-bin/viewcvs.cgi/weo_theme/Attic/red-cube.png?rev=1.3&hideattic=0&sortby=date&view=auto HTTP/1.0 with response code(s) 1 404 responses
GET /greg/weblog HTTP/1.1 with response code(s) 1 404 responses
GET /signup.cfm;\"?authorid=207752?authorid=207752?op=NewMedia HTTP/1.0 with response code(s) 3 404 responses
GET /cgi-bin/viewcvs.cgi/weo_theme/Attic/green-cube.gif?hideattic=0&sortby=date&view=graph HTTP/1.0 with response code(s) 1 404 responses
GET /signup.cfm;\"?authorid=207752?op=NewMedia?op=NewMedia HTTP/1.0 with response code(s) 3 404 responses
GET /jeff/code/preload_n_rollover HTTP/1.0 with response code(s) 1 404 responses
OPTIONS * HTTP/1.0 with response code(s) 3 200 responses
GET /PHP-Login-System-with-Admin-Features#comment-67588 HTTP/1.1 with response code(s) 3 404 responses
- with response code(s) 18 408 responses
GET /signup.cfm;\"?action=viewpro&uid=207752?action=viewpro&uid=207752 HTTP/1.0 with response code(s) 3 404 responses
GET /signup.cfm;\"?authorid=207752?authorid=207752 HTTP/1.0 with response code(s) 3 404 responses
GET /signup.cfm;\"?club=3&groupid=111:10024&messageid=347106\")\"?op=NewMedia?op=NewMedia HTTP/1.0 with response code(s) 3 404 responses
GET /mantruc/blog HTTP/1.1 with response code(s) 2 404 responses
GET /jeff/code/calendar/index.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /jeff/code/js_url_variables/index.cfm HTTP/1.1 with response code(s) 2 404 responses
GET /jeff/code/form_to_window/index.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /burhankhalid HTTP/1.1 with response code(s) 1 404 responses
GET /elfur HTTP/1.1 with response code(s) 1 404 responses
GET /mwarden/weblog HTTP/1.1 with response code(s) 2 404 responses
GET /dshadovi/MM_resources.cfm HTTP/1.1 with response code(s) 2 404 responses
GET /PHP-Login-System-with-Admin-Features#comment-67611 HTTP/1.1 with response code(s) 3 404 responses
GET /matthewo HTTP/1.1 with response code(s) 1 404 responses
GET //node/60265 HTTP/1.1 with response code(s) 3 404 responses
GET /isaac/photos/index.cfm?currentnum=46 HTTP/1.0 with response code(s) 1 404 responses
GET /isaac/photos/index.cfm?currentnum=46 HTTP/1.1 with response code(s) 1 404 responses
GET /signup.cfm;\"?authorid=207752?authorid=207752?authorid=207752 HTTP/1.0 with response code(s) 3 404 responses
GET /jeff/code/checkbox_check_all.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /signup.cfm;\"?authorid=207752 HTTP/1.0 with response code(s) 3 404 responses
GET /garrett/site/books/factual HTTP/1.1 with response code(s) 2 404 responses
GET /turkif HTTP/1.1 with response code(s) 1 404 responses
GET /node/60180 with response code(s) 5 404 responses
A total of 13 ROBOTS were logged
Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) 2 time(s)
DoCoMo/2.0 N905i(c100;TB;W24H16) (compatible; Googlebot-Mobile/2.1; +http://www.google.com/bot.html) 1 time(s)
Qseero v1.0.0 1 time(s)
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) 2 time(s)
Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1) VoilaBot BETA 1.2 (support.voilabot at orange-ftgroup.com) 1 time(s)
Mozilla/5.0 (compatible; KaloogaBot; http://www.kalooga.com/info.html?page=crawler) 2 time(s)
Mozilla/5.0 (compatible; DotBot/1.1; http://www.dotnetdotcom.org/, crawler at dotnetdotcom.org) 9 time(s)
Mozilla/4.0 1 time(s)
msnbot/2.0b (+http://search.msn.com/msnbot.htm) 55 time(s)
Speedy Spider (http://www.entireweb.com/about/search_tech/speedy_spider/) 1 time(s)
msnbot/1.1 (+http://search.msn.com/msnbot.htm) 3 time(s)
Mozilla/5.0 (Twiceler-0.9 http://www.cuil.com/twiceler/robot.html) 4 time(s)
Baiduspider+(+http://www.baidu.com/search/spider.htm) 1 time(s)
---------------------- httpd End -------------------------
--------------------- Kernel Begin ------------------------
1 Time(s): device eth0 entered promiscuous mode
1 Time(s): device eth0 left promiscuous mode
---------------------- Kernel End -------------------------
--------------------- pam_unix Begin ------------------------
cron:
Sessions Opened:
root: 366 Time(s)
mailman: 292 Time(s)
www-data: 144 Time(s)
dmah: 2 Time(s)
neuro: 1 Time(s)
sshd:
Authentication Failures:
root (www.ropsa.com.mx): 34 Time(s)
root (s15290850.onlinehome-server.info): 28 Time(s)
root (www.pbs-hosting.net): 24 Time(s)
root (116.10.195.5): 22 Time(s)
root (200.187.175.38): 20 Time(s)
root (212.45.26.229): 20 Time(s)
root (58.60.106.119): 20 Time(s)
root (222.211.93.81): 18 Time(s)
root (58.60.106.199): 18 Time(s)
root (82.207.106.77): 18 Time(s)
root (cbl212-235-9-35.bb.netvision.net.il): 18 Time(s)
root (cbl212-235-9-44.bb.netvision.net.il): 18 Time(s)
root (static-71-242-245-111.phlapa.east.verizon.net): 18 Time(s)
root (82.76.170.45): 17 Time(s)
root (190.146.69.104): 16 Time(s)
root (200.21.104.66): 16 Time(s)
root (202.100.98.13): 16 Time(s)
root (218.248.69.185): 16 Time(s)
root (219.143.161.64): 16 Time(s)
root (222.210.17.151): 16 Time(s)
root (61.131.208.44): 16 Time(s)
root (academia.gda.itesm.mx): 16 Time(s)
root (rl80.1blu.de): 16 Time(s)
root (218.248.66.185): 15 Time(s)
root (121.157.1.238): 14 Time(s)
root (190.146.68.247): 14 Time(s)
root (218.30.57.219): 14 Time(s)
root (59.53.51.178): 14 Time(s)
root (60.170.80.198): 14 Time(s)
root (83.229.48.146): 14 Time(s)
root (84-55-112-13.customers.ownit.se): 14 Time(s)
root (189-112-076-005.static.ctbctelecom.com.br): 12 Time(s)
root (202.100.241.61): 12 Time(s)
root (211.154.254.120): 12 Time(s)
root (218.246.127.104): 12 Time(s)
root (218.249.3.139): 12 Time(s)
root (219.148.203.3): 12 Time(s)
root (59.37.75.11): 12 Time(s)
root (bcl02861.empresas.ya.com): 12 Time(s)
root (mailserver.embchile.org.br): 12 Time(s)
root (122.160.184.171): 10 Time(s)
root (122.224.128.197): 10 Time(s)
root (195.242.89.99): 10 Time(s)
root (200.102.77.173): 10 Time(s)
root (200.119.14.242): 10 Time(s)
root (200.146.104.143.static.gvt.net.br): 10 Time(s)
root (202.109.10.204): 10 Time(s)
root (203.197.128.198): 10 Time(s)
root (218.249.195.165): 10 Time(s)
root (222.128.48.222): 10 Time(s)
root (58.254.200.60): 10 Time(s)
root (69.198.73.82): 10 Time(s)
root (70-91-124-193-michigan.hfc.comcastbusiness.net): 10 Time(s)
root (83-65-166-74.work.xdsl-line.inode.at): 10 Time(s)
root (89-96-140-154.ip12.fastwebnet.it): 10 Time(s)
root (host190-58-static.54-88-b.business.telecomitalia.it): 10 Time(s)
root (host5.200-45-251.telecom.net.ar): 10 Time(s)
root (mail.tidestar.net): 10 Time(s)
root (211.99.146.43): 9 Time(s)
root (ip-213-135-245-254.static.luxdsl.pt.lu): 9 Time(s)
root (mail.webcash.co.kr): 9 Time(s)
root (121.200.67.50): 8 Time(s)
root (122.205.6.21): 8 Time(s)
root (189.26.115.174): 8 Time(s)
root (194.224.118.61): 8 Time(s)
root (200.49.168.86): 8 Time(s)
root (201.red-80-32-236.staticip.rima-tde.net): 8 Time(s)
root (202.111.157.52): 8 Time(s)
root (203.141.150.153.static.zoot.jp): 8 Time(s)
root (203.169.195.31): 8 Time(s)
root (203.197.128.205): 8 Time(s)
root (207.47.36.57.static.nextweb.net): 8 Time(s)
root (211.227.67.205): 8 Time(s)
root (217.147.21.166): 8 Time(s)
root (218.65.103.253): 8 Time(s)
root (220.165.9.233): 8 Time(s)
root (220.194.48.231): 8 Time(s)
root (238.191.195-77.rev.gaoland.net): 8 Time(s)
root (242.red-80-24-81.staticip.rima-tde.net): 8 Time(s)
root (58.26.82.165): 8 Time(s)
root (61.166.150.245): 8 Time(s)
root (adsl-99-63-133-121.dsl.lsan03.sbcglobal.net): 8 Time(s)
root (gve82.internetdsl.tpnet.pl): 8 Time(s)
root (host178-84-static.58-217-b.business.telecomitalia.it): 8 Time(s)
root (ipe-iptva03.man.newskies.net): 8 Time(s)
root (lacteos.freskaleche.com.co): 8 Time(s)
root (mail.dahmerpower.com): 8 Time(s)
root (p54a71a35.dip0.t-ipconnect.de): 8 Time(s)
root (201.64.234.10): 7 Time(s)
root (p4fda2ebe.dip0.t-ipconnect.de): 7 Time(s)
root (12.152.56.50): 6 Time(s)
root (124.232.131.156): 6 Time(s)
root (187.0.197.67): 6 Time(s)
root (200.162.9.91): 6 Time(s)
root (200.21.228.80): 6 Time(s)
root (200.241.61.130): 6 Time(s)
root (200.51.40.154): 6 Time(s)
root (200.93.164.53): 6 Time(s)
root (201-26-144-186.dial-up.telesp.net.br): 6 Time(s)
root (201-26-172-213.dial-up.telesp.net.br): 6 Time(s)
root (201-34-136-18.jvece701.t.brasiltelecom.net.br): 6 Time(s)
root (203.141.159.25.static.zoot.jp): 6 Time(s)
root (213.215.191.170): 6 Time(s)
root (217.113.78.55): 6 Time(s)
root (218.65.103.254): 6 Time(s)
root (222.252.28.112): 6 Time(s)
root (222.73.231.88): 6 Time(s)
root (225-102-207-82.ip.ukrtel.net): 6 Time(s)
root (41.250.251.67): 6 Time(s)
root (59.40.185.208): 6 Time(s)
root (61.158.154.11): 6 Time(s)
root (75-149-192-2-illinois.hfc.comcastbusiness.net): 6 Time(s)
root (83.red-80-38-111.staticip.rima-tde.net): 6 Time(s)
root (87-194-180-28.bethere.co.uk): 6 Time(s)
root (akq2.internetdsl.tpnet.pl): 6 Time(s)
root (bul138.internetdsl.tpnet.pl): 6 Time(s)
root (dyz82.internetdsl.tpnet.pl): 6 Time(s)
root (fnttkyo001003.tkyo.fnt.ngn.ppp.infoweb.ne.jp): 6 Time(s)
root (host186-20-static.5-79-b.business.telecomitalia.it): 6 Time(s)
root (p54a720ae.dip0.t-ipconnect.de): 6 Time(s)
root (shiftconsult-s0-1-2-acc01.bru.embratel.net.br): 6 Time(s)
root (ipe-iptva02.man.newskies.net): 5 Time(s)
root (179.26-246-81.adsl-static.isp.belgacom.be): 4 Time(s)
root (188-193-80-46-dynip.superkabel.de): 4 Time(s)
root (189.73.172.5): 4 Time(s)
root (190.188.233.225): 4 Time(s)
root (190.25.132.95): 4 Time(s)
root (196.211.112.186): 4 Time(s)
root (196.211.154.74): 4 Time(s)
root (200.11.197.122): 4 Time(s)
root (201-26-169-3.dial-up.telesp.net.br): 4 Time(s)
root (210.48.67.75): 4 Time(s)
root (212.81.215.74): 4 Time(s)
root (212.92.194.5): 4 Time(s)
root (218.248.79.251): 4 Time(s)
root (219.134.65.39): 4 Time(s)
root (220.194.66.56): 4 Time(s)
root (41.222.209.65): 4 Time(s)
root (58.233.219.99): 4 Time(s)
root (59.37.75.17): 4 Time(s)
root (60-240-249-92.tpgi.com.au): 4 Time(s)
root (60.red-213-97-79.staticip.rima-tde.net): 4 Time(s)
root (61.235.143.134): 4 Time(s)
root (7.231.60.213.static.mundo-r.com): 4 Time(s)
root (70.54.247.51): 4 Time(s)
root (72.54.20.41): 4 Time(s)
root (74-93-92-173-illinois.hfc.comcastbusiness.net): 4 Time(s)
root (80.244.113.11): 4 Time(s)
root (83.132.104.248): 4 Time(s)
root (85.185.74.218): 4 Time(s)
root (99-2-106-147.lightspeed.tukrga.sbcglobal.net): 4 Time(s)
root (adsl-69-213-134-19.dsl.chcgil.ameritech.net): 4 Time(s)
root (dsl-200-67-184-101.prod-empresarial.com.mx): 4 Time(s)
root (dzu194.internetdsl.tpnet.pl): 4 Time(s)
root (hagen.kdb.hr): 4 Time(s)
root (host11-174-static.29-79-b.business.telecomitalia.it): 4 Time(s)
root (mail.copycat.co.tz): 4 Time(s)
root (rrcs-74-218-172-158.midsouth.biz.rr.com): 4 Time(s)
root (222.211.88.108): 3 Time(s)
root (79.red-80-38-190.staticip.rima-tde.net): 3 Time(s)
root (80.51.31.84): 3 Time(s)
root (110.253-244-81.adsl-static.isp.belgacom.be): 2 Time(s)
root (119-210-96-87.cust.blixtvik.se): 2 Time(s)
root (120.195.80.139): 2 Time(s)
root (121.139.193.125): 2 Time(s)
root (154.red-217-125-104.staticip.rima-tde.net): 2 Time(s)
root (190.210.29.149): 2 Time(s)
root (190.24.210.198): 2 Time(s)
root (190.41.166.113): 2 Time(s)
root (196.218.47.219): 2 Time(s)
root (200.111.188.178): 2 Time(s)
root (200.123.174.145): 2 Time(s)
root (200.41.65.4): 2 Time(s)
root (201.82.225.140): 2 Time(s)
root (202.78.239.203): 2 Time(s)
root (202.97.0.76): 2 Time(s)
root (209.203.36.67): 2 Time(s)
root (220.194.201.208): 2 Time(s)
root (59.108.85.26): 2 Time(s)
root (59.162.166.210): 2 Time(s)
root (61.172.200.198): 2 Time(s)
root (64-51-76-14.client.dsl.net): 2 Time(s)
root (66.165.162.246): 2 Time(s)
root (78.38.243.135): 2 Time(s)
root (81.24.80.245): 2 Time(s)
root (87.226.171.20): 2 Time(s)
root (89.129.246.135): 2 Time(s)
root (adsl-99-97.globonet.hu): 2 Time(s)
root (aya202.internetdsl.tpnet.pl): 2 Time(s)
root (host-62-245-152-237.customer.m-online.net): 2 Time(s)
root (iml178.internetdsl.tpnet.pl): 2 Time(s)
root (lewel.pl): 2 Time(s)
root (linux1.gym-leoben.asn-graz.ac.at): 2 Time(s)
root (lpointe-a-pitre-151-11-11.w81-248.abo.wanadoo.fr): 2 Time(s)
root (mail.longueira-sa.com.ar): 2 Time(s)
root (router.ad-tel.com): 2 Time(s)
root (200-204-51-147.dial-up.telesp.net.br): 1 Time(s)
root (200.87.234.170): 1 Time(s)
root (61.190.88.141): 1 Time(s)
root (61.190.88.147): 1 Time(s)
root (rrcs-76-79-9-66.west.biz.rr.com): 1 Time(s)
su:
Sessions Opened:
(uid=0) -> nobody: 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- sendmail Begin ------------------------
ERROR: Could not open /etc/mail/local-host-names
ERROR: Could not open /etc/mail/access
Message Size Distribution:
Range # Msgs KBytes
0 - 10k 0 0
10k - 20k 0 0
20k - 50k 0 0
50k - 100k 0 0
100k - 500k 0 0
500k - 1Mb 0 0
1Mb - 2Mb 0 0
2Mb - 5Mb 0 0
5Mb - 10Mb 0 0
10Mb+ 0 0
----------------------------------
TOTAL 0 0
---------------------- sendmail End -------------------------
--------------------- SSHD Begin ------------------------
Couldn't resolve these IPs:
11.113.244.80.in-addr.arpa: 4 Time(s)
11.154.158.61.ha.cnc: 6 Time(s)
189-73-172-5.cslce701.e.brasiltelecom.net.br: 4 Time(s)
200-102-77-173.paemt706.e.brasiltelecom.net.br: 10 Time(s)
200-11-197-122.dyn.dsl.cantv.net: 4 Time(s)
200-41-65-4.static.impsat.net.ar: 2 Time(s)
212_81_215_74_adai0001.gignu_adsl_ma_ma.ips.sarenet.es: 4 Time(s)
225-233-188-190.cab.prima.net.ar: 4 Time(s)
41-222-209-65.galaxybackbone.com: 4 Time(s)
52.157.111.202.ha.cnc: 8 Time(s)
59.162.166.210.static.vsnl.net.in: 2 Time(s)
67.197.0.187.static.alog.com.br: 6 Time(s)
82-76-170-45.rdsnet.ro: 17 Time(s)
abts-north-static-171.184.160.122.airtelbroadband.in: 10 Time(s)
adsl-mi4-170.it.colt.net: 6 Time(s)
adsl190-24210198.sta.etb.net.co: 2 Time(s)
barsik.0t.ru: 16 Time(s)
c952e18c.virtua.com.br: 2 Time(s)
corporat190-025132095.sta.etb.net.co: 4 Time(s)
corporat200-093164053.sta.etb.net.co: 6 Time(s)
corporat200-119014242.sta.etb.net.co: 10 Time(s)
cust83.telwestnet.net(64.201.132.83): 18 Time(s)
customer-static-123-174-145.iplannetworks.net: 2 Time(s)
customer-static-210-29-149.iplannetworks.net: 2 Time(s)
gobox.com.br(189.26.115.174): 8 Time(s)
host-196.218.47.219-static.tedata.net: 2 Time(s)
host154.advance.com.ar: 6 Time(s)
illchn-static-203.197.128.198.static.vsnl.net.in: 10 Time(s)
illchn-static-203.197.128.205.static.vsnl.net.in: 8 Time(s)
mail.iesmos.ru: 8 Time(s)
mail.outres.co.za: 4 Time(s)
mail.sankyuvn.com(222.252.28.112): 6 Time(s)
mail.securedata.co.za: 4 Time(s)
map86.network49.168.tigo.net.gt: 8 Time(s)
static-ip-cr19014668247.cable.net.co: 14 Time(s)
static-ip-cr19014669104.cable.net.co: 16 Time(s)
static41-67-251-250-251.static41-16.iam.net.ma: 6 Time(s)
tm.net.my: 8 Time(s)
vp195031.kln.uac68.hknet.com: 8 Time(s)
vps.norsys.co.nz: 4 Time(s)
webhost.dacra.biz: 2 Time(s)
www.twg.co.za(209.203.36.67): 2 Time(s)
Didn't receive an ident from these IPs:
vps.norsys.co.nz (210.48.67.75): 2 Time(s)
Failed logins from these:
oracle/password from 212.72.132.166: 1 Time(s)
root/password from 212.72.132.166: 15 Time(s)
root/password from 64.201.132.83: 18 Time(s)
test/password from 212.72.132.166: 3 Time(s)
Illegal users from these:
oracle/none from 212.72.132.166: 1 Time(s)
oracle/password from 212.72.132.166: 1 Time(s)
test/none from 212.72.132.166: 3 Time(s)
test/password from 212.72.132.166: 3 Time(s)
Error in PAM authentication:
Authentication failure for root from 110.253-244-81.adsl-static.isp.belgacom.be : 2 Time(s)
Authentication failure for root from 116.10.195.5 : 22 Time(s)
Authentication failure for root from 119-210-96-87.cust.blixtvik.se : 2 Time(s)
Authentication failure for root from 12.152.56.50 : 6 Time(s)
Authentication failure for root from 120.195.80.139 : 2 Time(s)
Authentication failure for root from 121.139.193.125 : 2 Time(s)
Authentication failure for root from 121.157.1.238 : 14 Time(s)
Authentication failure for root from 121.200.67.50 : 8 Time(s)
Authentication failure for root from 122.160.184.171 : 10 Time(s)
Authentication failure for root from 122.205.6.21 : 8 Time(s)
Authentication failure for root from 122.224.128.197 : 10 Time(s)
Authentication failure for root from 124.232.131.156 : 6 Time(s)
Authentication failure for root from 154.red-217-125-104.staticip.rima-tde.net : 2 Time(s)
Authentication failure for root from 179.26-246-81.adsl-static.isp.belgacom.be : 4 Time(s)
Authentication failure for root from 187.0.197.67 : 6 Time(s)
Authentication failure for root from 188-193-80-46-dynip.superkabel.de : 4 Time(s)
Authentication failure for root from 189-112-076-005.static.ctbctelecom.com.br : 12 Time(s)
Authentication failure for root from 189.26.115.174 : 8 Time(s)
Authentication failure for root from 189.73.172.5 : 4 Time(s)
Authentication failure for root from 190.146.68.247 : 14 Time(s)
Authentication failure for root from 190.146.69.104 : 16 Time(s)
Authentication failure for root from 190.188.233.225 : 4 Time(s)
Authentication failure for root from 190.210.29.149 : 2 Time(s)
Authentication failure for root from 190.24.210.198 : 2 Time(s)
Authentication failure for root from 190.25.132.95 : 4 Time(s)
Authentication failure for root from 190.41.166.113 : 2 Time(s)
Authentication failure for root from 194.224.118.61 : 8 Time(s)
Authentication failure for root from 195.242.89.99 : 10 Time(s)
Authentication failure for root from 196.211.112.186 : 4 Time(s)
Authentication failure for root from 196.211.154.74 : 4 Time(s)
Authentication failure for root from 196.218.47.219 : 2 Time(s)
Authentication failure for root from 200-204-51-147.dial-up.telesp.net.br : 1 Time(s)
Authentication failure for root from 200.102.77.173 : 10 Time(s)
Authentication failure for root from 200.11.197.122 : 4 Time(s)
Authentication failure for root from 200.111.188.178 : 2 Time(s)
Authentication failure for root from 200.119.14.242 : 10 Time(s)
Authentication failure for root from 200.123.174.145 : 2 Time(s)
Authentication failure for root from 200.146.104.143.static.gvt.net.br : 10 Time(s)
Authentication failure for root from 200.162.9.91 : 6 Time(s)
Authentication failure for root from 200.187.175.38 : 20 Time(s)
Authentication failure for root from 200.21.104.66 : 16 Time(s)
Authentication failure for root from 200.21.228.80 : 6 Time(s)
Authentication failure for root from 200.241.61.130 : 6 Time(s)
Authentication failure for root from 200.41.65.4 : 2 Time(s)
Authentication failure for root from 200.49.168.86 : 8 Time(s)
Authentication failure for root from 200.51.40.154 : 6 Time(s)
Authentication failure for root from 200.87.234.170 : 1 Time(s)
Authentication failure for root from 200.93.164.53 : 6 Time(s)
Authentication failure for root from 201-26-144-186.dial-up.telesp.net.br : 6 Time(s)
Authentication failure for root from 201-26-169-3.dial-up.telesp.net.br : 4 Time(s)
Authentication failure for root from 201-26-172-213.dial-up.telesp.net.br : 6 Time(s)
Authentication failure for root from 201-34-136-18.jvece701.t.brasiltelecom.net.br : 6 Time(s)
Authentication failure for root from 201.64.234.10 : 7 Time(s)
Authentication failure for root from 201.82.225.140 : 2 Time(s)
Authentication failure for root from 201.red-80-32-236.staticip.rima-tde.net : 8 Time(s)
Authentication failure for root from 202.100.241.61 : 12 Time(s)
Authentication failure for root from 202.100.98.13 : 16 Time(s)
Authentication failure for root from 202.109.10.204 : 10 Time(s)
Authentication failure for root from 202.111.157.52 : 8 Time(s)
Authentication failure for root from 202.78.239.203 : 2 Time(s)
Authentication failure for root from 202.97.0.76 : 2 Time(s)
Authentication failure for root from 203.141.150.153.static.zoot.jp : 8 Time(s)
Authentication failure for root from 203.141.159.25.static.zoot.jp : 6 Time(s)
Authentication failure for root from 203.169.195.31 : 8 Time(s)
Authentication failure for root from 203.197.128.198 : 10 Time(s)
Authentication failure for root from 203.197.128.205 : 8 Time(s)
Authentication failure for root from 207.47.36.57.static.nextweb.net : 8 Time(s)
Authentication failure for root from 209.203.36.67 : 2 Time(s)
Authentication failure for root from 210.48.67.75 : 4 Time(s)
Authentication failure for root from 211.154.254.120 : 12 Time(s)
Authentication failure for root from 211.227.67.205 : 8 Time(s)
Authentication failure for root from 211.99.146.43 : 9 Time(s)
Authentication failure for root from 212.45.26.229 : 20 Time(s)
Authentication failure for root from 212.81.215.74 : 4 Time(s)
Authentication failure for root from 212.92.194.5 : 4 Time(s)
Authentication failure for root from 213.215.191.170 : 6 Time(s)
Authentication failure for root from 217.113.78.55 : 6 Time(s)
Authentication failure for root from 217.147.21.166 : 8 Time(s)
Authentication failure for root from 218.246.127.104 : 12 Time(s)
Authentication failure for root from 218.248.66.185 : 15 Time(s)
Authentication failure for root from 218.248.69.185 : 16 Time(s)
Authentication failure for root from 218.248.79.251 : 4 Time(s)
Authentication failure for root from 218.249.195.165 : 10 Time(s)
Authentication failure for root from 218.249.3.139 : 12 Time(s)
Authentication failure for root from 218.30.57.219 : 14 Time(s)
Authentication failure for root from 218.65.103.253 : 8 Time(s)
Authentication failure for root from 218.65.103.254 : 6 Time(s)
Authentication failure for root from 219.134.65.39 : 4 Time(s)
Authentication failure for root from 219.143.161.64 : 16 Time(s)
Authentication failure for root from 219.148.203.3 : 12 Time(s)
Authentication failure for root from 220.165.9.233 : 8 Time(s)
Authentication failure for root from 220.194.201.208 : 2 Time(s)
Authentication failure for root from 220.194.48.231 : 8 Time(s)
Authentication failure for root from 220.194.66.56 : 4 Time(s)
Authentication failure for root from 222.128.48.222 : 10 Time(s)
Authentication failure for root from 222.210.17.151 : 16 Time(s)
Authentication failure for root from 222.211.88.108 : 3 Time(s)
Authentication failure for root from 222.211.93.81 : 18 Time(s)
Authentication failure for root from 222.252.28.112 : 6 Time(s)
Authentication failure for root from 222.73.231.88 : 6 Time(s)
Authentication failure for root from 225-102-207-82.ip.ukrtel.net : 6 Time(s)
Authentication failure for root from 238.191.195-77.rev.gaoland.net : 8 Time(s)
Authentication failure for root from 242.red-80-24-81.staticip.rima-tde.net : 8 Time(s)
Authentication failure for root from 41.222.209.65 : 4 Time(s)
Authentication failure for root from 41.250.251.67 : 6 Time(s)
Authentication failure for root from 58.233.219.99 : 4 Time(s)
Authentication failure for root from 58.254.200.60 : 10 Time(s)
Authentication failure for root from 58.26.82.165 : 8 Time(s)
Authentication failure for root from 58.60.106.119 : 20 Time(s)
Authentication failure for root from 58.60.106.199 : 18 Time(s)
Authentication failure for root from 59.108.85.26 : 2 Time(s)
Authentication failure for root from 59.162.166.210 : 2 Time(s)
Authentication failure for root from 59.37.75.11 : 12 Time(s)
Authentication failure for root from 59.37.75.17 : 4 Time(s)
Authentication failure for root from 59.40.185.208 : 6 Time(s)
Authentication failure for root from 59.53.51.178 : 14 Time(s)
Authentication failure for root from 60-240-249-92.tpgi.com.au : 4 Time(s)
Authentication failure for root from 60.170.80.198 : 14 Time(s)
Authentication failure for root from 60.red-213-97-79.staticip.rima-tde.net : 4 Time(s)
Authentication failure for root from 61.131.208.44 : 16 Time(s)
Authentication failure for root from 61.158.154.11 : 6 Time(s)
Authentication failure for root from 61.166.150.245 : 8 Time(s)
Authentication failure for root from 61.172.200.198 : 2 Time(s)
Authentication failure for root from 61.190.88.141 : 1 Time(s)
Authentication failure for root from 61.190.88.147 : 1 Time(s)
Authentication failure for root from 61.235.143.134 : 4 Time(s)
Authentication failure for root from 64-51-76-14.client.dsl.net : 2 Time(s)
Authentication failure for root from 66.165.162.246 : 2 Time(s)
Authentication failure for root from 69.198.73.82 : 10 Time(s)
Authentication failure for root from 7.231.60.213.static.mundo-r.com : 4 Time(s)
Authentication failure for root from 70-91-124-193-michigan.hfc.comcastbusiness.net : 10 Time(s)
Authentication failure for root from 70.54.247.51 : 4 Time(s)
Authentication failure for root from 72.54.20.41 : 4 Time(s)
Authentication failure for root from 74-93-92-173-illinois.hfc.comcastbusiness.net : 4 Time(s)
Authentication failure for root from 75-149-192-2-illinois.hfc.comcastbusiness.net : 6 Time(s)
Authentication failure for root from 78.38.243.135 : 2 Time(s)
Authentication failure for root from 79.red-80-38-190.staticip.rima-tde.net : 3 Time(s)
Authentication failure for root from 80.244.113.11 : 4 Time(s)
Authentication failure for root from 80.51.31.84 : 3 Time(s)
Authentication failure for root from 81.24.80.245 : 2 Time(s)
Authentication failure for root from 82.207.106.77 : 18 Time(s)
Authentication failure for root from 82.76.170.45 : 17 Time(s)
Authentication failure for root from 83-65-166-74.work.xdsl-line.inode.at : 10 Time(s)
Authentication failure for root from 83.132.104.248 : 4 Time(s)
Authentication failure for root from 83.229.48.146 : 14 Time(s)
Authentication failure for root from 83.red-80-38-111.staticip.rima-tde.net : 6 Time(s)
Authentication failure for root from 84-55-112-13.customers.ownit.se : 14 Time(s)
Authentication failure for root from 85.185.74.218 : 4 Time(s)
Authentication failure for root from 87-194-180-28.bethere.co.uk : 6 Time(s)
Authentication failure for root from 87.226.171.20 : 2 Time(s)
Authentication failure for root from 89-96-140-154.ip12.fastwebnet.it : 10 Time(s)
Authentication failure for root from 89.129.246.135 : 2 Time(s)
Authentication failure for root from 99-2-106-147.lightspeed.tukrga.sbcglobal.net : 4 Time(s)
Authentication failure for root from academia.gda.itesm.mx : 16 Time(s)
Authentication failure for root from adsl-69-213-134-19.dsl.chcgil.ameritech.net : 4 Time(s)
Authentication failure for root from adsl-99-63-133-121.dsl.lsan03.sbcglobal.net : 8 Time(s)
Authentication failure for root from adsl-99-97.globonet.hu : 2 Time(s)
Authentication failure for root from akq2.internetdsl.tpnet.pl : 6 Time(s)
Authentication failure for root from aya202.internetdsl.tpnet.pl : 2 Time(s)
Authentication failure for root from bcl02861.empresas.ya.com : 12 Time(s)
Authentication failure for root from bul138.internetdsl.tpnet.pl : 6 Time(s)
Authentication failure for root from cbl212-235-9-35.bb.netvision.net.il : 18 Time(s)
Authentication failure for root from cbl212-235-9-44.bb.netvision.net.il : 18 Time(s)
Authentication failure for root from dsl-200-67-184-101.prod-empresarial.com.mx : 4 Time(s)
Authentication failure for root from dyz82.internetdsl.tpnet.pl : 6 Time(s)
Authentication failure for root from dzu194.internetdsl.tpnet.pl : 4 Time(s)
Authentication failure for root from fnttkyo001003.tkyo.fnt.ngn.ppp.infoweb.ne.jp : 6 Time(s)
Authentication failure for root from gve82.internetdsl.tpnet.pl : 8 Time(s)
Authentication failure for root from hagen.kdb.hr : 4 Time(s)
Authentication failure for root from host-62-245-152-237.customer.m-online.net : 2 Time(s)
Authentication failure for root from host11-174-static.29-79-b.business.telecomitalia.it : 4 Time(s)
Authentication failure for root from host178-84-static.58-217-b.business.telecomitalia.it : 8 Time(s)
Authentication failure for root from host186-20-static.5-79-b.business.telecomitalia.it : 6 Time(s)
Authentication failure for root from host190-58-static.54-88-b.business.telecomitalia.it : 10 Time(s)
Authentication failure for root from host5.200-45-251.telecom.net.ar : 10 Time(s)
Authentication failure for root from iml178.internetdsl.tpnet.pl : 2 Time(s)
Authentication failure for root from ip-213-135-245-254.static.luxdsl.pt.lu : 9 Time(s)
Authentication failure for root from ipe-iptva02.man.newskies.net : 5 Time(s)
Authentication failure for root from ipe-iptva03.man.newskies.net : 8 Time(s)
Authentication failure for root from lacteos.freskaleche.com.co : 8 Time(s)
Authentication failure for root from lewel.pl : 2 Time(s)
Authentication failure for root from linux1.gym-leoben.asn-graz.ac.at : 2 Time(s)
Authentication failure for root from lpointe-a-pitre-151-11-11.w81-248.abo.wanadoo.fr : 2 Time(s)
Authentication failure for root from mail.copycat.co.tz : 4 Time(s)
Authentication failure for root from mail.dahmerpower.com : 8 Time(s)
Authentication failure for root from mail.longueira-sa.com.ar : 2 Time(s)
Authentication failure for root from mail.tidestar.net : 10 Time(s)
Authentication failure for root from mail.webcash.co.kr : 9 Time(s)
Authentication failure for root from mailserver.embchile.org.br : 12 Time(s)
Authentication failure for root from p4fda2ebe.dip0.t-ipconnect.de : 7 Time(s)
Authentication failure for root from p54a71a35.dip0.t-ipconnect.de : 8 Time(s)
Authentication failure for root from p54a720ae.dip0.t-ipconnect.de : 6 Time(s)
Authentication failure for root from rl80.1blu.de : 16 Time(s)
Authentication failure for root from router.ad-tel.com : 2 Time(s)
Authentication failure for root from rrcs-74-218-172-158.midsouth.biz.rr.com : 4 Time(s)
Authentication failure for root from rrcs-76-79-9-66.west.biz.rr.com : 1 Time(s)
Authentication failure for root from s15290850.onlinehome-server.info : 28 Time(s)
Authentication failure for root from shiftconsult-s0-1-2-acc01.bru.embratel.net.br : 6 Time(s)
Authentication failure for root from static-71-242-245-111.phlapa.east.verizon.net : 18 Time(s)
Authentication failure for root from www.pbs-hosting.net : 24 Time(s)
Authentication failure for root from www.ropsa.com.mx : 34 Time(s)
**Unmatched Entries**
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
---------------------- SSHD End -------------------------
--------------------- Syslogd Begin ------------------------
Syslogd started 1 Time(s)
---------------------- Syslogd End -------------------------
------------------ Disk Space --------------------
/dev/hda3 72G 55G 13G 82% /
/dev/hda1 92M 6.3M 81M 8% /boot
###################### LogWatch End #########################
More information about the Sysadmin
mailing list