[Sysadmin] LogWatch for tempest
root
root at tempest.evolt.org
Fri Jan 1 06:25:29 CST 2010
################### LogWatch 5.2.2 (06/23/04) ####################
Processing Initiated: Fri Jan 1 06:25:16 2010
Date Range Processed: yesterday
Detail Level of Output: 10
Logfiles for Host: tempest
################################################################
--------------------- Cron Begin ------------------------
Commands Run:
User dmah:
/home/dmah/bin/article_reminder.pl: 1 Time(s)
/home/dmah/bin/comment_reminder.pl: 1 Time(s)
User mailman:
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/checkdbs: 1 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/disabled: 1 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/gate_news: 288 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/nightly_gzip: 1 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/senddigests: 1 Time(s)
User neuro:
~neuro/beo/oldbeo/mkarchivesize >/dev/null 2>&1: 1 Time(s)
User root:
run-parts --report /etc/cron.hourly: 24 Time(s)
[ -d /var/lib/php4 ] && find /var/lib/php4/ -type f -cmin +$(/usr/lib/php4/maxlifetime) -print0 | xargs -r -0 rm: 48 Time(s)
/home/dmah/bin/qmail-kill.sh 1> /dev/null 2>&1: 144 Time(s)
/store/host/browsers.evolt.org/mkarchivesize: 1 Time(s)
/usr/bin/freshclam --quiet -l /var/log/clam-update.log: 1 Time(s)
/usr/sbin/ntpdate -su us.pool.ntp.org us.pool.ntp.org: 1 Time(s)
/var/qmail/bin/qmailstats 1>/dev/null 2>/dev/null: 1 Time(s)
if [ -x /usr/bin/vnstat ] && [ `ls /var/lib/vnstat/ | wc -l` -ge 1 ]; then /usr/bin/vnstat -u; fi: 288 Time(s)
test -x /usr/sbin/anacron || run-parts --report /etc/cron.daily: 1 Time(s)
test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt: 1 Time(s)
User www-data:
[ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.conf -a -r /var/log/apache/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=awstats -update >/dev/null: 144 Time(s)
---------------------- Cron End -------------------------
--------------------- EXIM Begin ------------------------
--- Messages history ---
3 messages delivered immediately to 3 total recipients
---------------------- EXIM End -------------------------
--------------------- httpd Begin ------------------------
0.06 MB transfered in 285 responses (1xx 0, 2xx 0, 3xx 73, 4xx 212, 5xx 0)
11 Images (0.00 MB),
9 Documents (0.00 MB),
2 Archives (0.00 MB),
2 Movies files (0.00 MB),
193 Content pages (0.03 MB),
4 Redirects (0.00 MB),
1 Program source files (0.00 MB),
63 Other (0.02 MB)
A total of 30 unidentified 'other' records logged
GET /djc/stdio/index.cfm/daddy/show/mommy/94 HTTP/1.1 with response code(s) 1 404 responses
GET /djc/stdio HTTP/1.1 with response code(s) 1 404 responses
GET /luminosity HTTP/1.1 with response code(s) 2 404 responses
GET /shaggy/javascript/create_slideshow HTTP/1.1 with response code(s) 1 404 responses
GET /lindsay/nav HTTP/1.1 with response code(s) 1 404 responses
GET /rss/articles.rss HTTP/1.0 with response code(s) 1 404 responses
GET /mccreath/potatosalad/archives/~amnsnow.mpe HTTP/1.1 with response code(s) 1 404 responses
- with response code(s) 10 408 responses
GET /php_login_script_with_remember_<b>me</b>_feature HTTP/1.0 with response code(s) 1 404 responses
GET /signup.cfm HTTP/1.1 with response code(s) 8 404 responses
GET /mantruc/blog HTTP/1.1 with response code(s) 1 404 responses
GET /burhankhalid HTTP/1.1 with response code(s) 1 404 responses
GET /jeff/code/index.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /dshadovi/MM_resources.cfm HTTP/1.1 with response code(s) 2 404 responses
GET /matthewo HTTP/1.1 with response code(s) 1 404 responses
GET /signup.cfm HTTP/1.0 with response code(s) 3 404 responses
GET /jswiders HTTP/1.1 with response code(s) 1 404 responses
GET /jeff/code/toggle_tablerows.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /isaac/photos/index.cfm?currentnum=71 HTTP/1.1 with response code(s) 1 404 responses
GET /jeff/code/imagemap_rollover/index.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1 with response code(s) 11 400 responses
GET /jeff/code/dhtml_form_rollover/index.cfm HTTP/1.1 with response code(s) 2 404 responses
GET /jeff/code/unchecking_radio_buttons.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /seb HTTP/1.1 with response code(s) 1 404 responses
GET /mpember/afroapix/website/index.php'. HTTP/1.1 with response code(s) 1 404 responses
GET /garrett/site/books/factual HTTP/1.1 with response code(s) 2 404 responses
GET /signup.cfm;\" HTTP/1.0 with response code(s) 1 404 responses
GET /rudy HTTP/1.1 with response code(s) 1 404 responses
GET /php_login_script_with_remember_me_feature HTTP/1.0 with response code(s) 1 404 responses
GET /node/60180 with response code(s) 2 404 responses
A total of 16 ROBOTS were logged
Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) 2 time(s)
Yandex/1.01.001 (compatible; Win16; H) 4 time(s)
Mozilla/5.0 (compatible; xrss; robot; http://www.xrss.eu/robot; version 2.0) 1 time(s)
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) 2 time(s)
Mozilla/5.0 (Windows; U; Windows NT 5.1; fr; rv:1.8.1) VoilaBot BETA 1.2 (support.voilabot at orange-ftgroup.com) 1 time(s)
Mozilla/5.0 (compatible; DotBot/1.1; http://www.dotnetdotcom.org/, crawler at dotnetdotcom.org) 7 time(s)
Nokia6682/2.0 (3.01.1) SymbianOS/8.0 Series60/2.6 Profile/MIDP-2.0 configuration/CLDC-1.1 UP.Link/6.3.0.0.0 (compatible;YahooSeeker/M1A1-R2D2; http://help.yahoo.com/help/us/ysearch/crawling/crawling-01.html) 1 time(s)
Mozilla/4.0 (compatible; NaverBot/1.0; http://help.naver.com/customer_webtxt_02.jsp) 1 time(s)
Mozilla/5.0 (compatible; Exabot/3.0 (BiggerBetter); +http://www.exabot.com/go/robot) 1 time(s)
voyager/2.0 (http://www.kosmix.com/crawler.html) 1 time(s)
T-Mobile Dash Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; Smartphone; 320x240; MSNBOT-MOBILE/1.1; +http://search.msn.com/msnbot.htm) 1 time(s)
msnbot/2.0b (+http://search.msn.com/msnbot.htm) 28 time(s)
Speedy Spider (http://www.entireweb.com/about/search_tech/speedy_spider/) 2 time(s)
Baiduspider+(+http://www.baidu.com/search/spider.htm) 2 time(s)
Mozilla/5.0 (Twiceler-0.9 http://www.cuil.com/twiceler/robot.html) 4 time(s)
FAST Enterprise Crawler 6 / Scirus scirus-crawler at fast.no; http://www.scirus.com/srsapp/contactus/ 1 time(s)
---------------------- httpd End -------------------------
--------------------- Kernel Begin ------------------------
1 Time(s): device eth0 entered promiscuous mode
1 Time(s): device eth0 left promiscuous mode
---------------------- Kernel End -------------------------
--------------------- pam_unix Begin ------------------------
cron:
Sessions Opened:
root: 510 Time(s)
mailman: 292 Time(s)
www-data: 144 Time(s)
dmah: 2 Time(s)
neuro: 1 Time(s)
sshd:
Authentication Failures:
unknown (ip-160-211.sn2.eutelia.it): 35 Time(s)
unknown (211.115.234.143): 30 Time(s)
unknown (219.234.95.164): 29 Time(s)
unknown (190.146.246.36): 25 Time(s)
unknown (121.52.215.180): 20 Time(s)
unknown (194.107.broadband15.iol.cz): 20 Time(s)
unknown (80.169.105.159): 20 Time(s)
unknown (84.246.69.21): 20 Time(s)
unknown (108.48-78-194.adsl-static.isp.belgacom.be): 15 Time(s)
unknown (200.13.253.122): 15 Time(s)
unknown (212.243.41.9): 15 Time(s)
unknown (58.247.222.163): 15 Time(s)
unknown (116.55.226.131): 14 Time(s)
unknown (90.182.107.194): 10 Time(s)
unknown (hsi-kbw-078-043-082-153.hsi4.kabel-badenwuerttemberg.de): 10 Time(s)
unknown (58.60.106.24): 9 Time(s)
unknown (sgd4.accelsa.com.mx): 8 Time(s)
backup (58.247.222.163): 5 Time(s)
unknown (194.51.12.238): 3 Time(s)
Invalid Users:
Unknown Account: 313 Time(s)
su:
Sessions Opened:
(uid=0) -> nobody: 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- sendmail Begin ------------------------
ERROR: Could not open /etc/mail/local-host-names
ERROR: Could not open /etc/mail/access
Message Size Distribution:
Range # Msgs KBytes
0 - 10k 0 0
10k - 20k 0 0
20k - 50k 0 0
50k - 100k 0 0
100k - 500k 0 0
500k - 1Mb 0 0
1Mb - 2Mb 0 0
2Mb - 5Mb 0 0
5Mb - 10Mb 0 0
10Mb+ 0 0
----------------------------------
TOTAL 0 0
---------------------- sendmail End -------------------------
--------------------- SSHD Begin ------------------------
Couldn't resolve these IPs:
131.226.55.116.broad.km.yn.dynamic.163data.com.cn: 14 Time(s)
adsl89-120-203-137.romtelecom.net: 3 Time(s)
fw.tablemac.com: 15 Time(s)
static-ip-cr19014624636.cable.net.co: 25 Time(s)
Didn't receive an ident from these IPs:
adsl89-120-203-137.romtelecom.net (89.120.203.137): 1 Time(s)
bt-212-231.bta.net.cn (202.106.212.231): 1 Time(s)
ool-43561d40.dyn.optonline.net (67.86.29.64): 4 Time(s)
Failed logins from these:
admin/password from 207.111.170.14: 2 Time(s)
ange/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
angel/keyboard-interactive/pam from 212.243.41.9: 5 Time(s)
angelahu/keyboard-interactive/pam from 80.169.105.159: 2 Time(s)
angeline/keyboard-interactive/pam from 121.52.215.180: 5 Time(s)
angelmask/keyboard-interactive/pam from 90.182.107.194: 5 Time(s)
anna/keyboard-interactive/pam from 211.115.234.143: 5 Time(s)
annie/keyboard-interactive/pam from 58.60.106.24: 4 Time(s)
antoine/keyboard-interactive/pam from 219.234.95.164: 5 Time(s)
apedmic/keyboard-interactive/pam from 194.78.48.108: 5 Time(s)
apple/keyboard-interactive/pam from 116.55.226.131: 4 Time(s)
apple/keyboard-interactive/pam from 148.233.140.193: 5 Time(s)
apple/keyboard-interactive/pam from 190.146.246.36: 5 Time(s)
apple/keyboard-interactive/pam from 194.78.48.108: 5 Time(s)
apple/keyboard-interactive/pam from 212.243.41.9: 5 Time(s)
apple/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
apple/keyboard-interactive/pam from 84.246.69.21: 5 Time(s)
apple/keyboard-interactive/pam from 90.182.107.194: 5 Time(s)
apple1/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
aqchen/keyboard-interactive/pam from 78.43.82.153: 5 Time(s)
ara/keyboard-interactive/pam from 84.246.69.21: 5 Time(s)
arfatu/keyboard-interactive/pam from 194.78.48.108: 5 Time(s)
ariel/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
aro/keyboard-interactive/pam from 58.247.222.163: 5 Time(s)
aronjason/keyboard-interactive/pam from 90.182.107.194: 5 Time(s)
art/keyboard-interactive/pam from 211.115.234.143: 5 Time(s)
artcat/keyboard-interactive/pam from 219.234.95.164: 4 Time(s)
artplay/keyboard-interactive/pam from 58.247.222.163: 5 Time(s)
asoft/keyboard-interactive/pam from 219.234.95.164: 5 Time(s)
at/keyboard-interactive/pam from 90.182.107.194: 5 Time(s)
attar/keyboard-interactive/pam from 116.55.226.131: 5 Time(s)
attyuhan/keyboard-interactive/pam from 190.146.246.36: 5 Time(s)
aweis/keyboard-interactive/pam from 211.115.234.143: 5 Time(s)
ba/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
babyliu/keyboard-interactive/pam from 121.52.215.180: 5 Time(s)
basin/keyboard-interactive/pam from 211.115.234.143: 5 Time(s)
bautz/keyboard-interactive/pam from 80.169.105.159: 2 Time(s)
bclow/keyboard-interactive/pam from 121.52.215.180: 5 Time(s)
bdes/keyboard-interactive/pam from 200.13.253.122: 5 Time(s)
bdtseng/keyboard-interactive/pam from 219.234.95.164: 5 Time(s)
bega/keyboard-interactive/pam from 78.43.82.153: 5 Time(s)
bell/keyboard-interactive/pam from 58.60.106.24: 5 Time(s)
belle/keyboard-interactive/pam from 212.243.41.9: 5 Time(s)
benfong/keyboard-interactive/pam from 211.115.234.143: 5 Time(s)
benjamin/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
benson/keyboard-interactive/pam from 84.246.69.21: 5 Time(s)
beryl/keyboard-interactive/pam from 190.146.246.36: 5 Time(s)
beverly/keyboard-interactive/pam from 200.13.253.122: 5 Time(s)
bibrown/keyboard-interactive/pam from 121.52.215.180: 5 Time(s)
bigban/keyboard-interactive/pam from 80.169.105.159: 5 Time(s)
billy/keyboard-interactive/pam from 84.246.69.21: 5 Time(s)
bios/keyboard-interactive/pam from 148.233.140.193: 3 Time(s)
biowater/keyboard-interactive/pam from 219.234.95.164: 5 Time(s)
bird/keyboard-interactive/pam from 90.182.107.194: 5 Time(s)
birkenwu/keyboard-interactive/pam from 211.115.234.143: 5 Time(s)
bjhsu/keyboard-interactive/pam from 200.13.253.122: 5 Time(s)
blchen/keyboard-interactive/pam from 80.169.105.159: 5 Time(s)
blin/keyboard-interactive/pam from 116.55.226.131: 5 Time(s)
blue/keyboard-interactive/pam from 190.146.246.36: 5 Time(s)
bluewinds/keyboard-interactive/pam from 80.169.105.159: 1 Time(s)
bm/keyboard-interactive/pam from 90.182.107.194: 5 Time(s)
bob/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
bonny/keyboard-interactive/pam from 190.146.246.36: 5 Time(s)
box/keyboard-interactive/pam from 194.51.12.238: 3 Time(s)
boy/keyboard-interactive/pam from 58.247.222.163: 5 Time(s)
brianpan/keyboard-interactive/pam from 80.169.105.159: 5 Time(s)
browne/keyboard-interactive/pam from 219.234.95.164: 5 Time(s)
dk/password from 87.118.96.34: 5 Time(s)
dke/password from 87.118.96.34: 5 Time(s)
dl/password from 87.118.96.34: 5 Time(s)
dle/password from 87.118.96.34: 5 Time(s)
dm/password from 87.118.96.34: 4 Time(s)
ellas/password from 207.111.170.14: 2 Time(s)
fenk/password from 87.118.96.34: 1 Time(s)
fenlason/password from 87.118.96.34: 1 Time(s)
fenn/password from 87.118.96.34: 1 Time(s)
fennefoss/password from 87.118.96.34: 1 Time(s)
fennell/password from 87.118.96.34: 1 Time(s)
feodora/password from 87.118.96.34: 1 Time(s)
feorene/password from 87.118.96.34: 1 Time(s)
feorenzo/password from 87.118.96.34: 1 Time(s)
feppon/password from 87.118.96.34: 1 Time(s)
fequiere/password from 87.118.96.34: 1 Time(s)
goldfisher/password from 87.118.96.34: 1 Time(s)
goldi/password from 87.118.96.34: 1 Time(s)
goldia/password from 87.118.96.34: 1 Time(s)
goldie/password from 87.118.96.34: 1 Time(s)
goldina/password from 87.118.96.34: 1 Time(s)
golding/password from 87.118.96.34: 1 Time(s)
goldman/password from 87.118.96.34: 1 Time(s)
goldmann/password from 87.118.96.34: 1 Time(s)
goldner/password from 87.118.96.34: 1 Time(s)
goldney/password from 87.118.96.34: 1 Time(s)
goldrick/password from 87.118.96.34: 1 Time(s)
lamark/password from 207.111.170.14: 2 Time(s)
nikkiand/password from 207.111.170.14: 2 Time(s)
oracle/password from 173.45.230.217: 3 Time(s)
postmaster/password from 173.45.230.217: 3 Time(s)
recruit/password from 89.120.203.137: 1 Time(s)
root/password from 207.111.170.14: 2 Time(s)
sales/password from 89.120.203.137: 1 Time(s)
staff/password from 89.120.203.137: 1 Time(s)
Illegal users from these:
admin/none from 207.111.170.14: 2 Time(s)
admin/password from 207.111.170.14: 2 Time(s)
ange/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
ange/none from 83.211.160.211: 5 Time(s)
angel/keyboard-interactive/pam from 212.243.41.9: 5 Time(s)
angel/none from 212.243.41.9: 5 Time(s)
angelahu/keyboard-interactive/pam from 80.169.105.159: 2 Time(s)
angelahu/none from 80.169.105.159: 2 Time(s)
angeline/keyboard-interactive/pam from 121.52.215.180: 5 Time(s)
angeline/none from 121.52.215.180: 5 Time(s)
angelmask/keyboard-interactive/pam from 90.182.107.194: 5 Time(s)
angelmask/none from 90.182.107.194: 5 Time(s)
anna/keyboard-interactive/pam from 211.115.234.143: 5 Time(s)
anna/none from 211.115.234.143: 5 Time(s)
annie/keyboard-interactive/pam from 58.60.106.24: 4 Time(s)
annie/none from 58.60.106.24: 4 Time(s)
antoine/keyboard-interactive/pam from 219.234.95.164: 5 Time(s)
antoine/none from 219.234.95.164: 5 Time(s)
apedmic/keyboard-interactive/pam from 194.78.48.108: 5 Time(s)
apedmic/none from 194.78.48.108: 5 Time(s)
apple/keyboard-interactive/pam from 116.55.226.131: 4 Time(s)
apple/keyboard-interactive/pam from 148.233.140.193: 5 Time(s)
apple/keyboard-interactive/pam from 190.146.246.36: 5 Time(s)
apple/keyboard-interactive/pam from 194.78.48.108: 5 Time(s)
apple/keyboard-interactive/pam from 212.243.41.9: 5 Time(s)
apple/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
apple/keyboard-interactive/pam from 84.246.69.21: 5 Time(s)
apple/keyboard-interactive/pam from 90.182.107.194: 5 Time(s)
apple/none from 116.55.226.131: 4 Time(s)
apple/none from 148.233.140.193: 5 Time(s)
apple/none from 190.146.246.36: 5 Time(s)
apple/none from 194.78.48.108: 5 Time(s)
apple/none from 212.243.41.9: 5 Time(s)
apple/none from 83.211.160.211: 5 Time(s)
apple/none from 84.246.69.21: 5 Time(s)
apple/none from 90.182.107.194: 5 Time(s)
apple1/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
apple1/none from 83.211.160.211: 5 Time(s)
aqchen/keyboard-interactive/pam from 78.43.82.153: 5 Time(s)
aqchen/none from 78.43.82.153: 5 Time(s)
ara/keyboard-interactive/pam from 84.246.69.21: 5 Time(s)
ara/none from 84.246.69.21: 5 Time(s)
arfatu/keyboard-interactive/pam from 194.78.48.108: 5 Time(s)
arfatu/none from 194.78.48.108: 5 Time(s)
ariel/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
ariel/none from 83.211.160.211: 5 Time(s)
aro/keyboard-interactive/pam from 58.247.222.163: 5 Time(s)
aro/none from 58.247.222.163: 5 Time(s)
aronjason/keyboard-interactive/pam from 90.182.107.194: 5 Time(s)
aronjason/none from 90.182.107.194: 5 Time(s)
art/keyboard-interactive/pam from 211.115.234.143: 5 Time(s)
art/none from 211.115.234.143: 5 Time(s)
artcat/keyboard-interactive/pam from 219.234.95.164: 4 Time(s)
artcat/none from 219.234.95.164: 4 Time(s)
artplay/keyboard-interactive/pam from 58.247.222.163: 5 Time(s)
artplay/none from 58.247.222.163: 5 Time(s)
asoft/keyboard-interactive/pam from 219.234.95.164: 5 Time(s)
asoft/none from 219.234.95.164: 5 Time(s)
at/keyboard-interactive/pam from 90.182.107.194: 5 Time(s)
at/none from 90.182.107.194: 5 Time(s)
attar/keyboard-interactive/pam from 116.55.226.131: 5 Time(s)
attar/none from 116.55.226.131: 5 Time(s)
attyuhan/keyboard-interactive/pam from 190.146.246.36: 5 Time(s)
attyuhan/none from 190.146.246.36: 5 Time(s)
aweis/keyboard-interactive/pam from 211.115.234.143: 5 Time(s)
aweis/none from 211.115.234.143: 5 Time(s)
ba/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
ba/none from 83.211.160.211: 5 Time(s)
babyliu/keyboard-interactive/pam from 121.52.215.180: 5 Time(s)
babyliu/none from 121.52.215.180: 5 Time(s)
basin/keyboard-interactive/pam from 211.115.234.143: 5 Time(s)
basin/none from 211.115.234.143: 5 Time(s)
bautz/keyboard-interactive/pam from 80.169.105.159: 2 Time(s)
bautz/none from 80.169.105.159: 2 Time(s)
bclow/keyboard-interactive/pam from 121.52.215.180: 5 Time(s)
bclow/none from 121.52.215.180: 5 Time(s)
bdes/keyboard-interactive/pam from 200.13.253.122: 5 Time(s)
bdes/none from 200.13.253.122: 5 Time(s)
bdtseng/keyboard-interactive/pam from 219.234.95.164: 5 Time(s)
bdtseng/none from 219.234.95.164: 5 Time(s)
bega/keyboard-interactive/pam from 78.43.82.153: 5 Time(s)
bega/none from 78.43.82.153: 5 Time(s)
bell/keyboard-interactive/pam from 58.60.106.24: 5 Time(s)
bell/none from 58.60.106.24: 5 Time(s)
belle/keyboard-interactive/pam from 212.243.41.9: 5 Time(s)
belle/none from 212.243.41.9: 5 Time(s)
benfong/keyboard-interactive/pam from 211.115.234.143: 5 Time(s)
benfong/none from 211.115.234.143: 5 Time(s)
benjamin/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
benjamin/none from 83.211.160.211: 5 Time(s)
benson/keyboard-interactive/pam from 84.246.69.21: 5 Time(s)
benson/none from 84.246.69.21: 5 Time(s)
beryl/keyboard-interactive/pam from 190.146.246.36: 5 Time(s)
beryl/none from 190.146.246.36: 5 Time(s)
beverly/keyboard-interactive/pam from 200.13.253.122: 5 Time(s)
beverly/none from 200.13.253.122: 5 Time(s)
bibrown/keyboard-interactive/pam from 121.52.215.180: 5 Time(s)
bibrown/none from 121.52.215.180: 5 Time(s)
bigban/keyboard-interactive/pam from 80.169.105.159: 5 Time(s)
bigban/none from 80.169.105.159: 5 Time(s)
billy/keyboard-interactive/pam from 84.246.69.21: 5 Time(s)
billy/none from 84.246.69.21: 5 Time(s)
bios/keyboard-interactive/pam from 148.233.140.193: 3 Time(s)
bios/none from 148.233.140.193: 3 Time(s)
biowater/keyboard-interactive/pam from 219.234.95.164: 5 Time(s)
biowater/none from 219.234.95.164: 5 Time(s)
bird/keyboard-interactive/pam from 90.182.107.194: 5 Time(s)
bird/none from 90.182.107.194: 5 Time(s)
birkenwu/keyboard-interactive/pam from 211.115.234.143: 5 Time(s)
birkenwu/none from 211.115.234.143: 5 Time(s)
bjhsu/keyboard-interactive/pam from 200.13.253.122: 5 Time(s)
bjhsu/none from 200.13.253.122: 5 Time(s)
blchen/keyboard-interactive/pam from 80.169.105.159: 5 Time(s)
blchen/none from 80.169.105.159: 5 Time(s)
blin/keyboard-interactive/pam from 116.55.226.131: 5 Time(s)
blin/none from 116.55.226.131: 5 Time(s)
blue/keyboard-interactive/pam from 190.146.246.36: 5 Time(s)
blue/none from 190.146.246.36: 5 Time(s)
bluewinds/keyboard-interactive/pam from 80.169.105.159: 1 Time(s)
bluewinds/none from 80.169.105.159: 1 Time(s)
bm/keyboard-interactive/pam from 90.182.107.194: 5 Time(s)
bm/none from 90.182.107.194: 5 Time(s)
bob/keyboard-interactive/pam from 83.211.160.211: 5 Time(s)
bob/none from 83.211.160.211: 5 Time(s)
bonny/keyboard-interactive/pam from 190.146.246.36: 5 Time(s)
bonny/none from 190.146.246.36: 5 Time(s)
box/keyboard-interactive/pam from 194.51.12.238: 3 Time(s)
box/none from 194.51.12.238: 3 Time(s)
boy/keyboard-interactive/pam from 58.247.222.163: 5 Time(s)
boy/none from 58.247.222.163: 5 Time(s)
brianpan/keyboard-interactive/pam from 80.169.105.159: 5 Time(s)
brianpan/none from 80.169.105.159: 5 Time(s)
browne/keyboard-interactive/pam from 219.234.95.164: 5 Time(s)
browne/none from 219.234.95.164: 5 Time(s)
dk/none from 87.118.96.34: 5 Time(s)
dk/password from 87.118.96.34: 5 Time(s)
dke/none from 87.118.96.34: 5 Time(s)
dke/password from 87.118.96.34: 5 Time(s)
dl/none from 87.118.96.34: 5 Time(s)
dl/password from 87.118.96.34: 5 Time(s)
dle/none from 87.118.96.34: 5 Time(s)
dle/password from 87.118.96.34: 5 Time(s)
dm/none from 87.118.96.34: 4 Time(s)
dm/password from 87.118.96.34: 4 Time(s)
ellas/none from 207.111.170.14: 2 Time(s)
ellas/password from 207.111.170.14: 2 Time(s)
fenk/none from 87.118.96.34: 1 Time(s)
fenk/password from 87.118.96.34: 1 Time(s)
fenlason/none from 87.118.96.34: 1 Time(s)
fenlason/password from 87.118.96.34: 1 Time(s)
fenn/none from 87.118.96.34: 1 Time(s)
fenn/password from 87.118.96.34: 1 Time(s)
fennefoss/none from 87.118.96.34: 1 Time(s)
fennefoss/password from 87.118.96.34: 1 Time(s)
fennell/none from 87.118.96.34: 1 Time(s)
fennell/password from 87.118.96.34: 1 Time(s)
feodora/none from 87.118.96.34: 1 Time(s)
feodora/password from 87.118.96.34: 1 Time(s)
feorene/none from 87.118.96.34: 1 Time(s)
feorene/password from 87.118.96.34: 1 Time(s)
feorenzo/none from 87.118.96.34: 1 Time(s)
feorenzo/password from 87.118.96.34: 1 Time(s)
feppon/none from 87.118.96.34: 1 Time(s)
feppon/password from 87.118.96.34: 1 Time(s)
fequiere/none from 87.118.96.34: 1 Time(s)
fequiere/password from 87.118.96.34: 1 Time(s)
goldfisher/none from 87.118.96.34: 1 Time(s)
goldfisher/password from 87.118.96.34: 1 Time(s)
goldi/none from 87.118.96.34: 1 Time(s)
goldi/password from 87.118.96.34: 1 Time(s)
goldia/none from 87.118.96.34: 1 Time(s)
goldia/password from 87.118.96.34: 1 Time(s)
goldie/none from 87.118.96.34: 1 Time(s)
goldie/password from 87.118.96.34: 1 Time(s)
goldina/none from 87.118.96.34: 1 Time(s)
goldina/password from 87.118.96.34: 1 Time(s)
golding/none from 87.118.96.34: 1 Time(s)
golding/password from 87.118.96.34: 1 Time(s)
goldman/none from 87.118.96.34: 1 Time(s)
goldman/password from 87.118.96.34: 1 Time(s)
goldmann/none from 87.118.96.34: 1 Time(s)
goldmann/password from 87.118.96.34: 1 Time(s)
goldner/none from 87.118.96.34: 1 Time(s)
goldner/password from 87.118.96.34: 1 Time(s)
goldney/none from 87.118.96.34: 1 Time(s)
goldney/password from 87.118.96.34: 1 Time(s)
goldrick/none from 87.118.96.34: 1 Time(s)
goldrick/password from 87.118.96.34: 1 Time(s)
lamark/none from 207.111.170.14: 2 Time(s)
lamark/password from 207.111.170.14: 2 Time(s)
nikkiand/none from 207.111.170.14: 2 Time(s)
nikkiand/password from 207.111.170.14: 2 Time(s)
oracle/none from 173.45.230.217: 3 Time(s)
oracle/password from 173.45.230.217: 3 Time(s)
postmaster/none from 173.45.230.217: 3 Time(s)
postmaster/password from 173.45.230.217: 3 Time(s)
recruit/none from 89.120.203.137: 1 Time(s)
recruit/password from 89.120.203.137: 1 Time(s)
sales/none from 89.120.203.137: 1 Time(s)
sales/password from 89.120.203.137: 1 Time(s)
staff/none from 89.120.203.137: 1 Time(s)
staff/password from 89.120.203.137: 1 Time(s)
Error in PAM authentication:
Authentication failure for backup from 58.247.222.163 : 5 Time(s)
User not known to the underlying authentication module for illegal user ange from ip-160-211.sn2.eutelia.it : 5 Time(s)
User not known to the underlying authentication module for illegal user angel from 212.243.41.9 : 5 Time(s)
User not known to the underlying authentication module for illegal user angelahu from 80.169.105.159 : 2 Time(s)
User not known to the underlying authentication module for illegal user angeline from 121.52.215.180 : 5 Time(s)
User not known to the underlying authentication module for illegal user angelmask from 194.107.broadband15.iol.cz : 5 Time(s)
User not known to the underlying authentication module for illegal user anna from 211.115.234.143 : 5 Time(s)
User not known to the underlying authentication module for illegal user annie from 58.60.106.24 : 4 Time(s)
User not known to the underlying authentication module for illegal user antoine from 219.234.95.164 : 5 Time(s)
User not known to the underlying authentication module for illegal user apedmic from 108.48-78-194.adsl-static.isp.belgacom.be : 5 Time(s)
User not known to the underlying authentication module for illegal user apple from 108.48-78-194.adsl-static.isp.belgacom.be : 5 Time(s)
User not known to the underlying authentication module for illegal user apple from 116.55.226.131 : 4 Time(s)
User not known to the underlying authentication module for illegal user apple from 190.146.246.36 : 5 Time(s)
User not known to the underlying authentication module for illegal user apple from 194.107.broadband15.iol.cz : 5 Time(s)
User not known to the underlying authentication module for illegal user apple from 212.243.41.9 : 5 Time(s)
User not known to the underlying authentication module for illegal user apple from 84.246.69.21 : 5 Time(s)
User not known to the underlying authentication module for illegal user apple from ip-160-211.sn2.eutelia.it : 5 Time(s)
User not known to the underlying authentication module for illegal user apple from sgd4.accelsa.com.mx : 5 Time(s)
User not known to the underlying authentication module for illegal user apple1 from ip-160-211.sn2.eutelia.it : 5 Time(s)
User not known to the underlying authentication module for illegal user aqchen from hsi-kbw-078-043-082-153.hsi4.kabel-badenwuerttemberg.de : 5 Time(s)
User not known to the underlying authentication module for illegal user ara from 84.246.69.21 : 5 Time(s)
User not known to the underlying authentication module for illegal user arfatu from 108.48-78-194.adsl-static.isp.belgacom.be : 5 Time(s)
User not known to the underlying authentication module for illegal user ariel from ip-160-211.sn2.eutelia.it : 5 Time(s)
User not known to the underlying authentication module for illegal user aro from 58.247.222.163 : 5 Time(s)
User not known to the underlying authentication module for illegal user aronjason from 194.107.broadband15.iol.cz : 5 Time(s)
User not known to the underlying authentication module for illegal user art from 211.115.234.143 : 5 Time(s)
User not known to the underlying authentication module for illegal user artcat from 219.234.95.164 : 4 Time(s)
User not known to the underlying authentication module for illegal user artplay from 58.247.222.163 : 5 Time(s)
User not known to the underlying authentication module for illegal user asoft from 219.234.95.164 : 5 Time(s)
User not known to the underlying authentication module for illegal user at from 194.107.broadband15.iol.cz : 5 Time(s)
User not known to the underlying authentication module for illegal user attar from 116.55.226.131 : 5 Time(s)
User not known to the underlying authentication module for illegal user attyuhan from 190.146.246.36 : 5 Time(s)
User not known to the underlying authentication module for illegal user aweis from 211.115.234.143 : 5 Time(s)
User not known to the underlying authentication module for illegal user ba from ip-160-211.sn2.eutelia.it : 5 Time(s)
User not known to the underlying authentication module for illegal user babyliu from 121.52.215.180 : 5 Time(s)
User not known to the underlying authentication module for illegal user basin from 211.115.234.143 : 5 Time(s)
User not known to the underlying authentication module for illegal user bautz from 80.169.105.159 : 2 Time(s)
User not known to the underlying authentication module for illegal user bclow from 121.52.215.180 : 5 Time(s)
User not known to the underlying authentication module for illegal user bdes from 200.13.253.122 : 5 Time(s)
User not known to the underlying authentication module for illegal user bdtseng from 219.234.95.164 : 5 Time(s)
User not known to the underlying authentication module for illegal user bega from hsi-kbw-078-043-082-153.hsi4.kabel-badenwuerttemberg.de : 5 Time(s)
User not known to the underlying authentication module for illegal user bell from 58.60.106.24 : 5 Time(s)
User not known to the underlying authentication module for illegal user belle from 212.243.41.9 : 5 Time(s)
User not known to the underlying authentication module for illegal user benfong from 211.115.234.143 : 5 Time(s)
User not known to the underlying authentication module for illegal user benjamin from ip-160-211.sn2.eutelia.it : 5 Time(s)
User not known to the underlying authentication module for illegal user benson from 84.246.69.21 : 5 Time(s)
User not known to the underlying authentication module for illegal user beryl from 190.146.246.36 : 5 Time(s)
User not known to the underlying authentication module for illegal user beverly from 200.13.253.122 : 5 Time(s)
User not known to the underlying authentication module for illegal user bibrown from 121.52.215.180 : 5 Time(s)
User not known to the underlying authentication module for illegal user bigban from 80.169.105.159 : 5 Time(s)
User not known to the underlying authentication module for illegal user billy from 84.246.69.21 : 5 Time(s)
User not known to the underlying authentication module for illegal user bios from sgd4.accelsa.com.mx : 3 Time(s)
User not known to the underlying authentication module for illegal user biowater from 219.234.95.164 : 5 Time(s)
User not known to the underlying authentication module for illegal user bird from 90.182.107.194 : 5 Time(s)
User not known to the underlying authentication module for illegal user birkenwu from 211.115.234.143 : 5 Time(s)
User not known to the underlying authentication module for illegal user bjhsu from 200.13.253.122 : 5 Time(s)
User not known to the underlying authentication module for illegal user blchen from 80.169.105.159 : 5 Time(s)
User not known to the underlying authentication module for illegal user blin from 116.55.226.131 : 5 Time(s)
User not known to the underlying authentication module for illegal user blue from 190.146.246.36 : 5 Time(s)
User not known to the underlying authentication module for illegal user bluewinds from 80.169.105.159 : 1 Time(s)
User not known to the underlying authentication module for illegal user bm from 90.182.107.194 : 5 Time(s)
User not known to the underlying authentication module for illegal user bob from ip-160-211.sn2.eutelia.it : 5 Time(s)
User not known to the underlying authentication module for illegal user bonny from 190.146.246.36 : 5 Time(s)
User not known to the underlying authentication module for illegal user box from 194.51.12.238 : 3 Time(s)
User not known to the underlying authentication module for illegal user boy from 58.247.222.163 : 5 Time(s)
User not known to the underlying authentication module for illegal user brianpan from 80.169.105.159 : 5 Time(s)
User not known to the underlying authentication module for illegal user browne from 219.234.95.164 : 5 Time(s)
**Unmatched Entries**
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
---------------------- SSHD End -------------------------
--------------------- Syslogd Begin ------------------------
Syslogd started 1 Time(s)
---------------------- Syslogd End -------------------------
--------------------- vpopmail Begin ------------------------
No Such User Found:
cbird@ - 1 Time(s)
---------------------- vpopmail End -------------------------
------------------ Disk Space --------------------
/dev/hda3 72G 56G 13G 83% /
/dev/hda1 92M 6.3M 81M 8% /boot
###################### LogWatch End #########################
More information about the Sysadmin
mailing list