[Sysadmin] LogWatch for tempest
root
root at tempest.evolt.org
Thu May 13 06:26:08 CDT 2010
################### LogWatch 5.2.2 (06/23/04) ####################
Processing Initiated: Thu May 13 06:25:26 2010
Date Range Processed: yesterday
Detail Level of Output: 10
Logfiles for Host: tempest
################################################################
--------------------- Cron Begin ------------------------
Commands Run:
User dmah:
/home/dmah/bin/article_reminder.pl: 1 Time(s)
/home/dmah/bin/comment_reminder.pl: 1 Time(s)
/home/dmah/bin/user_reminder.pl: 13 Time(s)
personal crontab reloaded: 1 Time(s)
User mailman:
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/checkdbs: 1 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/disabled: 1 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/gate_news: 288 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/nightly_gzip: 1 Time(s)
/usr/bin/python -S /home/mailman/lists.evolt.org/cron/senddigests: 1 Time(s)
User neuro:
~neuro/beo/oldbeo/mkarchivesize >/dev/null 2>&1: 1 Time(s)
User root:
run-parts --report /etc/cron.hourly: 24 Time(s)
[ -d /var/lib/php4 ] && find /var/lib/php4/ -type f -cmin +$(/usr/lib/php4/maxlifetime) -print0 | xargs -r -0 rm: 48 Time(s)
/home/dmah/bin/qmail-kill.sh 1> /dev/null 2>&1: 144 Time(s)
/store/host/browsers.evolt.org/mkarchivesize: 1 Time(s)
/usr/bin/freshclam --quiet -l /var/log/clam-update.log: 1 Time(s)
/usr/sbin/ntpdate -su us.pool.ntp.org us.pool.ntp.org: 1 Time(s)
/var/qmail/bin/qmailstats 1>/dev/null 2>/dev/null: 1 Time(s)
if [ -x /usr/bin/vnstat ] && [ `ls /var/lib/vnstat/ | wc -l` -ge 1 ]; then /usr/bin/vnstat -u; fi: 288 Time(s)
test -x /usr/sbin/anacron || run-parts --report /etc/cron.daily: 1 Time(s)
test -x /usr/sbin/cron-apt && /usr/sbin/cron-apt: 1 Time(s)
User www-data:
[ -x /usr/lib/cgi-bin/awstats.pl -a -f /etc/awstats/awstats.conf -a -r /var/log/apache/access.log ] && /usr/lib/cgi-bin/awstats.pl -config=awstats -update >/dev/null: 144 Time(s)
---------------------- Cron End -------------------------
--------------------- EXIM Begin ------------------------
--- Messages history ---
4 messages delivered immediately to 4 total recipients
---------------------- EXIM End -------------------------
--------------------- httpd Begin ------------------------
18.02 MB transfered in 312 responses (1xx 0, 2xx 6, 3xx 36, 4xx 270, 5xx 0)
20 Images (0.01 MB),
18 Documents (0.01 MB),
2 Archives (0.00 MB),
1 Movies files (0.00 MB),
190 Content pages (17.99 MB),
1 Redirects (0.00 MB),
1 Program source files (0.00 MB),
79 Other (0.02 MB)
A total of 39 unidentified 'other' records logged
GET /djc/stdio/index.cfm/daddy/show/mommy/94 HTTP/1.1 with response code(s) 1 404 responses
GET /artlung/using_form_fieldnames_cold_fusion.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /PHP-Login-System-with-Admin-Features/ll tell you. If you look in constants.php you HTTP/1.1 with response code(s) 1 400 responses
GET /tos.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /gsws/license.kwd HTTP/1.1 with response code(s) 1 404 responses
GET /signup.cfm HTTP/1.1 with response code(s) 4 404 responses
GET /djc/stdio/index.cfm/daddy/show/mommy/137 HTTP/1.1 with response code(s) 1 404 responses
GET /jswiders HTTP/1.1 with response code(s) 2 404 responses
GET /PHP-Login-System-with-Admin-Features/, make sure your database name and password information is specified correctly in constants.php. If you still can HTTP/1.1 with response code(s) 1 400 responses
GET /signup.cfm HTTP/1.0 with response code(s) 2 404 responses
GET /winddancer HTTP/1.1 with response code(s) 1 404 responses
GET /mwarden HTTP/1.1 with response code(s) 1 404 responses
GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1 with response code(s) 9 400 responses
GET /jeff/code/dhtml_form_rollover/index.cfm HTTP/1.1 with response code(s) 3 404 responses
GET /djc/stdio/index.cfm/daddy/show/mommy/116 HTTP/1.1 with response code(s) 1 404 responses
GET /seb HTTP/1.1 with response code(s) 1 404 responses
GET /signup.cfm;\" HTTP/1.0 with response code(s) 2 404 responses
GET /dshadovi/traffic.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /djc/stdio HTTP/1.1 with response code(s) 1 404 responses
GET /jeff/code/preload_n_rollover HTTP/1.0 with response code(s) 1 404 responses
GET /matthewo HTTP/1.0 with response code(s) 1 404 responses
GET /mantruc/blog HTTP/1.0 with response code(s) 1 404 responses
GET /waggener/TOVBlog HTTP/1.1 with response code(s) 1 404 responses
OPTIONS * HTTP/1.0 with response code(s) 3 200 responses
- with response code(s) 14 408 responses
GET /cgi-bin/viewcvs.cgi/beo_ng/mkarchivesize?rev=1.12 HTTP/1.0 with response code(s) 1 404 responses
GET /mantruc/blog HTTP/1.1 with response code(s) 3 404 responses
GET /~shannon HTTP/1.1 with response code(s) 1 404 responses
GET /mwarden/weblog HTTP/1.1 with response code(s) 2 404 responses
GET /matthewo HTTP/1.1 with response code(s) 2 404 responses
GET /PHP-Login-System-with-Admin-Features/re having, it works when you register but just not on the first time you load the page? It gives you that error. Look at register() function in session.php, that HTTP/1.1 with response code(s) 1 400 responses
GET /jeff/code/imagemap_rollover/index.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /arijit HTTP/1.1 with response code(s) 2 404 responses
GET /manager/html HTTP/1.1 with response code(s) 3 404 responses
GET /djc HTTP/1.1 with response code(s) 1 404 responses
GET /jeff/code/link_accessibility_usability.cfm HTTP/1.1 with response code(s) 1 404 responses
GET /garrett/site/books/factual HTTP/1.1 with response code(s) 2 404 responses
GET /node/60180 with response code(s) 2 404 responses
GET /turkif HTTP/1.1 with response code(s) 1 404 responses
A total of 14 ROBOTS were logged
nu_tch-princeton/Nu_tch-1.0-dev (princeton crawler for cass project; http://www.cs.princeton.edu/cass/; zhewang a_t cs ddot princeton dot edu) 1 time(s)
Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp) 3 time(s)
Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html) 1 time(s)
GeoHasher/Nutch-1.0 (GeoHasher Web Search Engine; geohasher.gotdns.org; geo_hasher at yahoo * com) 1 time(s)
Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; SV1; .NET CLR 2.0.50727) 1 time(s)
Yandex/1.01.001 (compatible; Win16; I) 4 time(s)
Mozilla/5.0 (compatible; DotBot/1.1; http://www.dotnetdotcom.org/, crawler at dotnetdotcom.org) 6 time(s)
Mozilla/5.0 (compatible; spbot/2.0.2; +http://www.seoprofiler.com/bot/ ) 3 time(s)
T-Mobile Dash Mozilla/4.0 (compatible; MSIE 4.01; Windows CE; Smartphone; 320x240; MSNBOT-MOBILE/1.1; +http://search.msn.com/msnbot.htm) 1 time(s)
msnbot/2.0b (+http://search.msn.com/msnbot.htm) 11 time(s)
Baiduspider+(+http://www.baidu.com/search/spider.htm) 2 time(s)
Mozilla/5.0 (Twiceler-0.9 http://www.cuil.com/twiceler/robot.html) 12 time(s)
Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) Speedy Spider (http://www.entireweb.com/about/search_tech/speedy_spider/) 1 time(s)
Mozilla/5.0 (compatible; Exabot/3.0; +http://www.exabot.com/go/robot) 1 time(s)
---------------------- httpd End -------------------------
--------------------- Kernel Begin ------------------------
1 Time(s): device eth0 entered promiscuous mode
1 Time(s): device eth0 left promiscuous mode
---------------------- Kernel End -------------------------
--------------------- pam_unix Begin ------------------------
cron:
Sessions Opened:
root: 510 Time(s)
mailman: 292 Time(s)
www-data: 144 Time(s)
dmah: 15 Time(s)
neuro: 1 Time(s)
sshd:
Sessions Opened:
dmah: 1 Time(s)
su:
Sessions Opened:
(uid=0) -> nobody: 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- sendmail Begin ------------------------
ERROR: Could not open /etc/mail/local-host-names
ERROR: Could not open /etc/mail/access
Message Size Distribution:
Range # Msgs KBytes
0 - 10k 0 0
10k - 20k 0 0
20k - 50k 0 0
50k - 100k 0 0
100k - 500k 0 0
500k - 1Mb 0 0
1Mb - 2Mb 0 0
2Mb - 5Mb 0 0
5Mb - 10Mb 0 0
10Mb+ 0 0
----------------------------------
TOTAL 0 0
---------------------- sendmail End -------------------------
--------------------- SSHD Begin ------------------------
Argument "UNKNOWN" isn't numeric in pack at /usr/share/logwatch//lib/Logwatch.pm line 311, <STDIN> line 1496.
Couldn't resolve these IPs:
187-10-207-55.dsl.telesp.net.br: 20 Time(s)
187-10-93-236.dsl.telesp.net.br: 13 Time(s)
187-2-108-171-sj.cpe.vivax.com.br: 4 Time(s)
187-34-225-221.dsl.telesp.net.br: 17 Time(s)
187-35-56-115.dsl.telesp.net.br: 49 Time(s)
187-4-1xx-4.xxx.ipd.brasiltelecom.net.br: 4 Time(s)
187-71-116-81.3g.claro.net.br: 6 Time(s)
187-74-68-82.dsl.telesp.net.br: 4 Time(s)
18713179054.user.veloxzone.com.br: 5 Time(s)
189104100105.user.veloxzone.com.br: 10 Time(s)
189106059003.user.veloxzone.com.br: 7 Time(s)
189106128224.user.veloxzone.com.br: 9 Time(s)
18925086169.user.veloxzone.com.br: 6 Time(s)
190-49-166-183.speedy.com.ar: 10 Time(s)
201-255-157-202.mrse.com.ar: 33 Time(s)
20119066031.user.veloxzone.com.br: 4 Time(s)
223-134-192-190.cab.prima.net.ar: 4 Time(s)
246.53.37.58.broad.xw.sh.dynamic.163data.com.cn: 11 Time(s)
26-28-124-92.pppoe.irtel.ru: 4 Time(s)
78.static.118-96-20.astinet.telkom.net.id: 41 Time(s)
8.174.168.188.retail.ttk.ru: 3 Time(s)
akyos.com(88.191.41.203): 115 Time(s)
bb151e03.virtua.com.br: 4 Time(s)
bb171308.virtua.com.br: 5 Time(s)
bb17135d.virtua.com.br: 4 Time(s)
bb2502ae.virtua.com.br: 4 Time(s)
bb4069b1.virtua.com.br: 5 Time(s)
bd06bd6e.virtua.com.br: 30 Time(s)
bd64e4c5.virtua.com.br: 93 Time(s)
cpe-41.233.18.186.in-addr.arpa: 4 Time(s)
datacenter.absamhost.com.br: 62 Time(s)
delhi-203.200.81-104.static.vsnl.net.in: 27 Time(s)
dsl-187-134-159-8-dyn.prod-infinitum.com.mx: 25 Time(s)
dsl-189-134-88-96-dyn.prod-infinitum.com.mx: 73 Time(s)
dsl-201-102-170-252-dyn.prod-infinitum.com.mx: 6 Time(s)
dsl88-247-21859.ttnet.net.tr: 15 Time(s)
dynamic-ip-1868141104.cable.net.co: 8 Time(s)
ev1s-216-40-255-10.theplanet.com: 12 Time(s)
host5.190-139-255.telecom.net.ar: 2 Time(s)
pi49-253-42.cn.ru: 26 Time(s)
Didn't receive an ident from these IPs:
059149151023.ctinets.com (59.149.151.23): 5 Time(s)
102-131-132-95.pool.ukrtel.net (95.132.131.102): 1 Time(s)
104-145-93-178.pool.ukrtel.net (178.93.145.104): 5 Time(s)
109.87.34.207: 1 Time(s)
112.203.178.35.pldt.net (112.203.178.35): 1 Time(s)
113.60.149.44: 5 Time(s)
114.81.170.91: 2 Time(s)
117.254.161.90: 1 Time(s)
118-168-74-116.dynamic.hinet.net (118.168.74.116): 5 Time(s)
118-168-87-184.dynamic.hinet.net (118.168.87.184): 4 Time(s)
122.43.38.92: 5 Time(s)
123.Red-79-154-216.dynamicIP.rima-tde.net (79.154.216.123): 4 Time(s)
134.115.in-addr.arpa (115.134.250.247): 3 Time(s)
151.67.207.124: 3 Time(s)
151.81.187.170: 2 Time(s)
151.82.194.3: 2 Time(s)
178.122.13.241: 1 Time(s)
180.191.19.190: 4 Time(s)
180.191.41.184: 3 Time(s)
186-57-147-119.speedy.com.ar (186.57.147.119): 2 Time(s)
186.14.8.247: 2 Time(s)
186.42.102.162: 4 Time(s)
187-10-207-55.dsl.telesp.net.br (187.10.207.55): 2 Time(s)
187-10-93-236.dsl.telesp.net.br (187.10.93.236): 3 Time(s)
187-2-108-171-sj.cpe.vivax.com.br (187.2.108.171): 4 Time(s)
187-27-225-201.3g.claro.net.br (187.27.225.201): 1 Time(s)
187-27-75-190.3g.claro.net.br (187.27.75.190): 4 Time(s)
187-34-225-221.dsl.telesp.net.br (187.34.225.221): 4 Time(s)
187-35-56-115.dsl.telesp.net.br (187.35.56.115): 6 Time(s)
187-4-1xx-4.xxx.ipd.brasiltelecom.net.br (187.4.136.148): 4 Time(s)
187-44-7-144.cpe.moc.mastercabo.com.br (187.44.7.144): 3 Time(s)
187-71-116-81.3g.claro.net.br (187.71.116.81): 3 Time(s)
187-74-68-82.dsl.telesp.net.br (187.74.68.82): 3 Time(s)
187.52.124.191: 1 Time(s)
18713179054.user.veloxzone.com.br (187.13.179.54): 5 Time(s)
188-193-203-52-dynip.superkabel.de (188.193.203.52): 5 Time(s)
188.16.204.240: 5 Time(s)
189-18-238-146.dsl.telesp.net.br (189.18.238.146): 3 Time(s)
189-19-208-233.dsl.telesp.net.br (189.19.208.233): 7 Time(s)
189-69-89-238.dsl.telesp.net.br (189.69.89.238): 3 Time(s)
189104100105.user.veloxzone.com.br (189.104.100.105): 3 Time(s)
189106059003.user.veloxzone.com.br (189.106.59.3): 2 Time(s)
189106128224.user.veloxzone.com.br (189.106.128.224): 2 Time(s)
18925086169.user.veloxzone.com.br (189.25.86.169): 3 Time(s)
190-49-166-183.speedy.com.ar (190.49.166.183): 4 Time(s)
190-95-103-3.bk22-dsl.surnet.cl (190.95.103.3): 1 Time(s)
190-95-120-233.bk23-dsl.surnet.cl (190.95.120.233): 1 Time(s)
190.107.134.202: 2 Time(s)
190.42.86.49: 2 Time(s)
200-42-112-192.dup.prima.net.ar (200.42.112.192): 2 Time(s)
200.175.53.231.static.gvt.net.br (200.175.53.231): 4 Time(s)
201-0-55-92.dsl.telesp.net.br (201.0.55.92): 8 Time(s)
201-11-174-215.gnace701.dsl.brasiltelecom.net.br (201.11.174.215): 6 Time(s)
201-13-57-210.dsl.telesp.net.br (201.13.57.210): 4 Time(s)
201-255-157-202.mrse.com.ar (201.255.157.202): 5 Time(s)
201-33-234-162.wln.net.br (201.33.234.162): 1 Time(s)
201-75-197-164-am.cpe.vivax.com.br (201.75.197.164): 3 Time(s)
20119066031.user.veloxzone.com.br (201.19.66.31): 3 Time(s)
20119083082.user.veloxzone.com.br (201.19.83.82): 5 Time(s)
20158192009.user.veloxzone.com.br (201.58.192.9): 2 Time(s)
207-153-22-190.adsl.terra.cl (190.22.153.207): 7 Time(s)
213.110.17.65: 4 Time(s)
218.248.80.49: 4 Time(s)
223-134-192-190.cab.prima.net.ar (190.192.134.223): 2 Time(s)
246.53.37.58.broad.xw.sh.dynamic.163data.com.cn (58.37.53.246): 5 Time(s)
26-28-124-92.pppoe.irtel.ru (92.124.28.26): 3 Time(s)
27.54.25.158: 5 Time(s)
41.104.42.209: 2 Time(s)
41.105.121.38: 5 Time(s)
41.105.80.179: 5 Time(s)
41.140.69.55: 1 Time(s)
41.248.200.53: 1 Time(s)
41.250.209.21: 4 Time(s)
58-3-118-40.ppp.bbiq.jp (58.3.118.40): 1 Time(s)
77-22-223-247-dynip.superkabel.de (77.22.223.247): 5 Time(s)
77-23-110-247-dynip.superkabel.de (77.23.110.247): 3 Time(s)
77-255-30-165.adsl.inetia.pl (77.255.30.165): 2 Time(s)
78.84.66.85: 4 Time(s)
78.static.118-96-20.astinet.telkom.net.id (118.96.20.78): 4 Time(s)
8.174.168.188.retail.ttk.ru (188.168.174.8): 1 Time(s)
87-205-129-39.adsl.inetia.pl (87.205.129.39): 1 Time(s)
87.250.101.60: 2 Time(s)
9-142-133-95.pool.ukrtel.net (95.133.142.9): 3 Time(s)
91-66-152-131-dynip.superkabel.de (91.66.152.131): 1 Time(s)
92-249-136-54.pool.digikabel.hu (92.249.136.54): 1 Time(s)
93-136-214-155.adsl.net.t-com.hr (93.136.214.155): 2 Time(s)
93.85.24.82: 4 Time(s)
94-75-107-101.home.aster.pl (94.75.107.101): 5 Time(s)
95-28-18-228.broadband.corbina.ru (95.28.18.228): 5 Time(s)
95.170.181.251: 5 Time(s)
95.58.130.4: 1 Time(s)
95.58.133.2: 1 Time(s)
95.65.173.51: 4 Time(s)
AAubervilliers-151-1-21-50.w83-114.abo.wanadoo.fr (83.114.140.50): 1 Time(s)
Dynamic-IP-1868141104.cable.net.co (186.81.41.104): 2 Time(s)
KHP059134162056.ppp-bb.dion.ne.jp (59.134.162.56): 2 Time(s)
UNKNOWN: 1 Time(s)
acmc61.neoplus.adsl.tpnet.pl (83.10.130.61): 2 Time(s)
apn-94-44-46-11.vodafone.hu (94.44.46.11): 3 Time(s)
bb151e03.virtua.com.br (187.21.30.3): 1 Time(s)
bb171308.virtua.com.br (187.23.19.8): 1 Time(s)
bb2502ae.virtua.com.br (187.37.2.174): 3 Time(s)
bb4069b1.virtua.com.br (187.64.105.177): 5 Time(s)
bd06bd6e.virtua.com.br (189.6.189.110): 5 Time(s)
bd3e050d.virtua.com.br (189.62.5.13): 1 Time(s)
bd3e0e84.virtua.com.br (189.62.14.132): 4 Time(s)
bd3eb233.virtua.com.br (189.62.178.51): 2 Time(s)
bd64e4c5.virtua.com.br (189.100.228.197): 3 Time(s)
bzq-79-182-108-189.red.bezeqint.net (79.182.108.189): 1 Time(s)
c9062ca1.virtua.com.br (201.6.44.161): 4 Time(s)
c9343867.virtua.com.br (201.52.56.103): 1 Time(s)
c9349c78.virtua.com.br (201.52.156.120): 3 Time(s)
c953767e.virtua.com.br (201.83.118.126): 5 Time(s)
cable-188-2-48-120.dynamic.sbb.rs (188.2.48.120): 1 Time(s)
cpe-41.233.18.186.in-addr.arpa (186.18.233.41): 5 Time(s)
delhi-203.200.81-104.static.vsnl.net.in (203.200.81.104): 3 Time(s)
dsl-187-134-159-8-dyn.prod-infinitum.com.mx (187.134.159.8): 4 Time(s)
dsl-189-134-88-96-dyn.prod-infinitum.com.mx (189.134.88.96): 5 Time(s)
dsl-201-102-170-252-dyn.prod-infinitum.com.mx (201.102.170.252): 3 Time(s)
dsl-88-218-74-206.customers.vivodi.gr (88.218.74.206): 1 Time(s)
dsl51B6442C.pool.t-online.hu (81.182.68.44): 4 Time(s)
dsl88-247-21859.ttnet.net.tr (88.247.85.99): 1 Time(s)
host-185-166.xdsl.telecet.ru (87.117.185.166): 3 Time(s)
host149-6-dynamic.20-79-r.retail.telecomitalia.it (79.20.6.149): 4 Time(s)
host166-15-dynamic.244-95-r.retail.telecomitalia.it (95.244.15.166): 5 Time(s)
host172-193-static.224-95-b.business.telecomitalia.it (95.224.193.172): 1 Time(s)
host188-212-dynamic.5-87-r.retail.telecomitalia.it (87.5.212.188): 3 Time(s)
host192-19-dynamic.51-82-r.retail.telecomitalia.it (82.51.19.192): 4 Time(s)
host38-133-dynamic.233-95-r.retail.telecomitalia.it (95.233.133.38): 5 Time(s)
host5.190-139-255.telecom.net.ar (190.139.255.5): 2 Time(s)
host82-195-dynamic.11-87-r.retail.telecomitalia.it (87.11.195.82): 3 Time(s)
ip-95-220-6-146.bb.netbynet.ru (95.220.6.146): 4 Time(s)
pD951F1C9.dip.t-dialin.net (217.81.241.201): 5 Time(s)
pcd393250.netvigator.com (203.218.183.250): 4 Time(s)
pi49-253-42.cn.ru (178.49.253.42): 5 Time(s)
r186-49-79-250.dialup.adsl.anteldata.net.uy (186.49.79.250): 1 Time(s)
zaq7d04edfa.zaq.ne.jp (125.4.237.250): 1 Time(s)
Failed logins from these:
!@#$%/password from 69.162.112.116: 1 Time(s)
!@#$%^&*/password from 69.162.112.116: 1 Time(s)
!@#$%^&/password from 69.162.112.116: 1 Time(s)
!@#$%^/password from 69.162.112.116: 1 Time(s)
*/password from 69.162.112.116: 1 Time(s)
0/password from 69.162.112.116: 1 Time(s)
00000000/password from 69.162.112.116: 1 Time(s)
01porn/password from 69.162.112.116: 1 Time(s)
0246/password from 69.162.112.116: 1 Time(s)
0987654321/password from 69.162.112.116: 1 Time(s)
1/password from 69.162.112.116: 1 Time(s)
10/password from 69.162.112.116: 1 Time(s)
100/password from 69.162.112.116: 1 Time(s)
101/password from 69.162.112.116: 1 Time(s)
102/password from 69.162.112.116: 1 Time(s)
1022/password from 69.162.112.116: 1 Time(s)
103/password from 69.162.112.116: 1 Time(s)
104/password from 69.162.112.116: 1 Time(s)
105/password from 69.162.112.116: 1 Time(s)
106/password from 69.162.112.116: 1 Time(s)
10sne1/password from 69.162.112.116: 1 Time(s)
11/password from 69.162.112.116: 1 Time(s)
110/password from 69.162.112.116: 1 Time(s)
1111/password from 69.162.112.116: 1 Time(s)
11111/password from 69.162.112.116: 1 Time(s)
111111/password from 69.162.112.116: 1 Time(s)
11111111/password from 69.162.112.116: 1 Time(s)
12/password from 69.162.112.116: 1 Time(s)
121/password from 69.162.112.116: 1 Time(s)
1212/password from 69.162.112.116: 1 Time(s)
121212/password from 69.162.112.116: 1 Time(s)
1213/password from 69.162.112.116: 1 Time(s)
1214/password from 69.162.112.116: 1 Time(s)
122/password from 69.162.112.116: 1 Time(s)
1225/password from 69.162.112.116: 1 Time(s)
123/password from 69.162.112.116: 3 Time(s)
123123/password from 69.162.112.116: 1 Time(s)
123321/password from 69.162.112.116: 1 Time(s)
1234/password from 69.162.112.116: 2 Time(s)
12345/password from 69.162.112.116: 2 Time(s)
123456/password from 69.162.112.116: 2 Time(s)
1234567/password from 69.162.112.116: 1 Time(s)
12345678/password from 69.162.112.116: 2 Time(s)
1234567890/password from 69.162.112.116: 1 Time(s)
1234qwer/password from 69.162.112.116: 1 Time(s)
123abc/password from 69.162.112.116: 1 Time(s)
4444/password from 69.162.112.116: 1 Time(s)
44444/password from 69.162.112.116: 1 Time(s)
444444/password from 69.162.112.116: 1 Time(s)
4444444/password from 69.162.112.116: 1 Time(s)
555/password from 69.162.112.116: 1 Time(s)
5555/password from 69.162.112.116: 1 Time(s)
55555/password from 69.162.112.116: 1 Time(s)
555555/password from 69.162.112.116: 1 Time(s)
5555555/password from 69.162.112.116: 1 Time(s)
@#$%^&/password from 69.162.112.116: 1 Time(s)
andrew/password from 203.200.81.104: 3 Time(s)
apple/password from 203.200.81.104: 3 Time(s)
brian/password from 203.200.81.104: 3 Time(s)
evolt/password from 216.40.255.10: 4 Time(s)
newsroom/password from 203.200.81.104: 3 Time(s)
org/password from 216.40.255.10: 4 Time(s)
root/password from 109.87.34.207: 4 Time(s)
root/password from 113.60.149.44: 62 Time(s)
root/password from 114.81.170.91: 4 Time(s)
root/password from 117.254.161.90: 5 Time(s)
root/password from 118.168.74.116: 38 Time(s)
root/password from 118.168.87.184: 13 Time(s)
root/password from 118.96.20.78: 41 Time(s)
root/password from 122.102.64.54: 73 Time(s)
root/password from 122.43.38.92: 5 Time(s)
root/password from 125.4.237.250: 16 Time(s)
root/password from 151.67.207.124: 15 Time(s)
root/password from 151.81.187.170: 5 Time(s)
root/password from 151.82.194.3: 4 Time(s)
root/password from 178.49.253.42: 26 Time(s)
root/password from 178.93.145.104: 21 Time(s)
root/password from 180.191.19.190: 5 Time(s)
root/password from 180.191.41.184: 6 Time(s)
root/password from 186.14.8.247: 5 Time(s)
root/password from 186.18.233.41: 4 Time(s)
root/password from 186.42.102.162: 18 Time(s)
root/password from 186.49.79.250: 6 Time(s)
root/password from 186.81.41.104: 8 Time(s)
root/password from 187.10.207.55: 20 Time(s)
root/password from 187.10.93.236: 13 Time(s)
root/password from 187.13.179.54: 5 Time(s)
root/password from 187.134.159.8: 25 Time(s)
root/password from 187.2.108.171: 4 Time(s)
root/password from 187.21.30.3: 4 Time(s)
root/password from 187.23.19.8: 5 Time(s)
root/password from 187.23.19.93: 4 Time(s)
root/password from 187.27.225.201: 15 Time(s)
root/password from 187.34.225.221: 17 Time(s)
root/password from 187.35.56.115: 49 Time(s)
root/password from 187.37.2.174: 4 Time(s)
root/password from 187.4.136.148: 4 Time(s)
root/password from 187.44.7.144: 5 Time(s)
root/password from 187.52.124.191: 5 Time(s)
root/password from 187.64.105.177: 5 Time(s)
root/password from 187.71.116.81: 6 Time(s)
root/password from 187.74.68.82: 4 Time(s)
root/password from 188.16.204.240: 2 Time(s)
root/password from 188.168.174.8: 3 Time(s)
root/password from 188.193.203.52: 6 Time(s)
root/password from 188.2.48.120: 9 Time(s)
root/password from 189.100.228.197: 93 Time(s)
root/password from 189.104.100.105: 10 Time(s)
root/password from 189.106.128.224: 9 Time(s)
root/password from 189.106.59.3: 7 Time(s)
root/password from 189.134.88.96: 73 Time(s)
root/password from 189.18.238.146: 2 Time(s)
root/password from 189.19.208.233: 15 Time(s)
root/password from 189.25.86.169: 6 Time(s)
root/password from 189.33.193.170: 40 Time(s)
root/password from 189.6.189.110: 30 Time(s)
root/password from 189.69.89.238: 77 Time(s)
root/password from 190.107.134.202: 6 Time(s)
root/password from 190.139.255.5: 2 Time(s)
root/password from 190.148.99.236: 4 Time(s)
root/password from 190.192.134.223: 4 Time(s)
root/password from 190.242.24.14: 8 Time(s)
root/password from 190.49.166.183: 10 Time(s)
root/password from 190.95.120.233: 5 Time(s)
root/password from 200.175.53.231: 22 Time(s)
root/password from 200.42.112.192: 9 Time(s)
root/password from 200.89.50.238: 1 Time(s)
root/password from 201.0.55.92: 27 Time(s)
root/password from 201.102.170.252: 6 Time(s)
root/password from 201.13.57.210: 5 Time(s)
root/password from 201.158.91.122: 8 Time(s)
root/password from 201.19.66.31: 4 Time(s)
root/password from 201.255.157.202: 33 Time(s)
root/password from 201.52.156.120: 1 Time(s)
root/password from 201.52.56.103: 2 Time(s)
root/password from 201.58.192.9: 4 Time(s)
root/password from 201.6.44.161: 4 Time(s)
root/password from 201.75.197.164: 5 Time(s)
root/password from 201.83.118.126: 7 Time(s)
root/password from 201.92.17.38: 15 Time(s)
root/password from 201.93.227.209: 5 Time(s)
root/password from 203.200.81.104: 15 Time(s)
root/password from 203.218.183.250: 7 Time(s)
root/password from 213.110.17.65: 8 Time(s)
root/password from 217.81.241.201: 8 Time(s)
root/password from 218.248.80.49: 4 Time(s)
root/password from 221.127.140.214: 6 Time(s)
root/password from 27.54.25.158: 4 Time(s)
root/password from 41.104.42.209: 5 Time(s)
root/password from 41.105.121.38: 5 Time(s)
root/password from 41.105.80.179: 24 Time(s)
root/password from 41.248.200.53: 3 Time(s)
root/password from 41.250.209.21: 12 Time(s)
root/password from 58.20.125.165: 51 Time(s)
root/password from 58.3.118.40: 5 Time(s)
root/password from 58.37.53.246: 11 Time(s)
root/password from 59.134.162.56: 10 Time(s)
root/password from 59.149.151.23: 25 Time(s)
root/password from 77.22.223.247: 21 Time(s)
root/password from 77.23.128.59: 6 Time(s)
root/password from 78.84.66.85: 22 Time(s)
root/password from 79.154.216.123: 42 Time(s)
root/password from 79.20.6.149: 26 Time(s)
root/password from 81.182.68.44: 24 Time(s)
root/password from 82.51.19.192: 11 Time(s)
root/password from 83.10.130.61: 6 Time(s)
root/password from 87.11.195.82: 10 Time(s)
root/password from 87.117.185.166: 14 Time(s)
root/password from 87.250.101.60: 21 Time(s)
root/password from 87.5.212.188: 4 Time(s)
root/password from 87.99.27.177: 8 Time(s)
root/password from 88.191.41.203: 115 Time(s)
root/password from 88.218.74.206: 4 Time(s)
root/password from 88.247.85.99: 15 Time(s)
root/password from 89.232.105.184: 6 Time(s)
root/password from 91.66.152.131: 6 Time(s)
root/password from 92.124.28.26: 4 Time(s)
root/password from 92.249.136.54: 12 Time(s)
root/password from 93.136.214.155: 7 Time(s)
root/password from 93.85.24.82: 21 Time(s)
root/password from 94.44.46.11: 18 Time(s)
root/password from 94.75.107.101: 6 Time(s)
root/password from 95.133.142.9: 33 Time(s)
root/password from 95.170.181.251: 7 Time(s)
root/password from 95.224.193.172: 14 Time(s)
root/password from 95.28.18.228: 40 Time(s)
root/password from 95.65.173.51: 29 Time(s)
root/password from 96.13.112.158: 10 Time(s)
tempest/password from 216.40.255.10: 4 Time(s)
Illegal users from these:
!@#$%/none from 69.162.112.116: 1 Time(s)
!@#$%/password from 69.162.112.116: 1 Time(s)
!@#$%^&*/none from 69.162.112.116: 1 Time(s)
!@#$%^&*/password from 69.162.112.116: 1 Time(s)
!@#$%^&/none from 69.162.112.116: 1 Time(s)
!@#$%^&/password from 69.162.112.116: 1 Time(s)
!@#$%^/none from 69.162.112.116: 1 Time(s)
!@#$%^/password from 69.162.112.116: 1 Time(s)
*/none from 69.162.112.116: 1 Time(s)
*/password from 69.162.112.116: 1 Time(s)
0/none from 69.162.112.116: 1 Time(s)
0/password from 69.162.112.116: 1 Time(s)
00000000/none from 69.162.112.116: 1 Time(s)
00000000/password from 69.162.112.116: 1 Time(s)
01porn/none from 69.162.112.116: 1 Time(s)
01porn/password from 69.162.112.116: 1 Time(s)
0246/none from 69.162.112.116: 1 Time(s)
0246/password from 69.162.112.116: 1 Time(s)
0987654321/none from 69.162.112.116: 1 Time(s)
0987654321/password from 69.162.112.116: 1 Time(s)
1/none from 69.162.112.116: 1 Time(s)
1/password from 69.162.112.116: 1 Time(s)
10/none from 69.162.112.116: 1 Time(s)
10/password from 69.162.112.116: 1 Time(s)
100/none from 69.162.112.116: 1 Time(s)
100/password from 69.162.112.116: 1 Time(s)
101/none from 69.162.112.116: 1 Time(s)
101/password from 69.162.112.116: 1 Time(s)
102/none from 69.162.112.116: 1 Time(s)
102/password from 69.162.112.116: 1 Time(s)
1022/none from 69.162.112.116: 1 Time(s)
1022/password from 69.162.112.116: 1 Time(s)
103/none from 69.162.112.116: 1 Time(s)
103/password from 69.162.112.116: 1 Time(s)
104/none from 69.162.112.116: 1 Time(s)
104/password from 69.162.112.116: 1 Time(s)
105/none from 69.162.112.116: 1 Time(s)
105/password from 69.162.112.116: 1 Time(s)
106/none from 69.162.112.116: 1 Time(s)
106/password from 69.162.112.116: 1 Time(s)
10sne1/none from 69.162.112.116: 1 Time(s)
10sne1/password from 69.162.112.116: 1 Time(s)
11/none from 69.162.112.116: 1 Time(s)
11/password from 69.162.112.116: 1 Time(s)
110/none from 69.162.112.116: 1 Time(s)
110/password from 69.162.112.116: 1 Time(s)
1111/none from 69.162.112.116: 1 Time(s)
1111/password from 69.162.112.116: 1 Time(s)
11111/none from 69.162.112.116: 1 Time(s)
11111/password from 69.162.112.116: 1 Time(s)
111111/none from 69.162.112.116: 1 Time(s)
111111/password from 69.162.112.116: 1 Time(s)
11111111/none from 69.162.112.116: 1 Time(s)
11111111/password from 69.162.112.116: 1 Time(s)
12/none from 69.162.112.116: 1 Time(s)
12/password from 69.162.112.116: 1 Time(s)
121/none from 69.162.112.116: 1 Time(s)
121/password from 69.162.112.116: 1 Time(s)
1212/none from 69.162.112.116: 1 Time(s)
1212/password from 69.162.112.116: 1 Time(s)
121212/none from 69.162.112.116: 1 Time(s)
121212/password from 69.162.112.116: 1 Time(s)
1213/none from 69.162.112.116: 1 Time(s)
1213/password from 69.162.112.116: 1 Time(s)
1214/none from 69.162.112.116: 1 Time(s)
1214/password from 69.162.112.116: 1 Time(s)
122/none from 69.162.112.116: 1 Time(s)
122/password from 69.162.112.116: 1 Time(s)
1225/none from 69.162.112.116: 1 Time(s)
1225/password from 69.162.112.116: 1 Time(s)
123/none from 69.162.112.116: 3 Time(s)
123/password from 69.162.112.116: 3 Time(s)
123123/none from 69.162.112.116: 1 Time(s)
123123/password from 69.162.112.116: 1 Time(s)
123321/none from 69.162.112.116: 1 Time(s)
123321/password from 69.162.112.116: 1 Time(s)
1234/none from 69.162.112.116: 2 Time(s)
1234/password from 69.162.112.116: 2 Time(s)
12345/none from 69.162.112.116: 2 Time(s)
12345/password from 69.162.112.116: 2 Time(s)
123456/none from 69.162.112.116: 2 Time(s)
123456/password from 69.162.112.116: 2 Time(s)
1234567/none from 69.162.112.116: 1 Time(s)
1234567/password from 69.162.112.116: 1 Time(s)
12345678/none from 69.162.112.116: 2 Time(s)
12345678/password from 69.162.112.116: 2 Time(s)
1234567890/none from 69.162.112.116: 1 Time(s)
1234567890/password from 69.162.112.116: 1 Time(s)
1234qwer/none from 69.162.112.116: 1 Time(s)
1234qwer/password from 69.162.112.116: 1 Time(s)
123abc/none from 69.162.112.116: 1 Time(s)
123abc/password from 69.162.112.116: 1 Time(s)
4444/none from 69.162.112.116: 1 Time(s)
4444/password from 69.162.112.116: 1 Time(s)
44444/none from 69.162.112.116: 1 Time(s)
44444/password from 69.162.112.116: 1 Time(s)
444444/none from 69.162.112.116: 1 Time(s)
444444/password from 69.162.112.116: 1 Time(s)
4444444/none from 69.162.112.116: 1 Time(s)
4444444/password from 69.162.112.116: 1 Time(s)
555/none from 69.162.112.116: 1 Time(s)
555/password from 69.162.112.116: 1 Time(s)
5555/none from 69.162.112.116: 1 Time(s)
5555/password from 69.162.112.116: 1 Time(s)
55555/none from 69.162.112.116: 1 Time(s)
55555/password from 69.162.112.116: 1 Time(s)
555555/none from 69.162.112.116: 1 Time(s)
555555/password from 69.162.112.116: 1 Time(s)
5555555/none from 69.162.112.116: 1 Time(s)
5555555/password from 69.162.112.116: 1 Time(s)
@#$%^&/none from 69.162.112.116: 1 Time(s)
@#$%^&/password from 69.162.112.116: 1 Time(s)
andrew/none from 203.200.81.104: 3 Time(s)
andrew/password from 203.200.81.104: 3 Time(s)
apple/none from 203.200.81.104: 3 Time(s)
apple/password from 203.200.81.104: 3 Time(s)
brian/none from 203.200.81.104: 3 Time(s)
brian/password from 203.200.81.104: 3 Time(s)
evolt/none from 216.40.255.10: 4 Time(s)
evolt/password from 216.40.255.10: 4 Time(s)
newsroom/none from 203.200.81.104: 3 Time(s)
newsroom/password from 203.200.81.104: 3 Time(s)
org/none from 216.40.255.10: 4 Time(s)
org/password from 216.40.255.10: 4 Time(s)
tempest/none from 216.40.255.10: 4 Time(s)
tempest/password from 216.40.255.10: 4 Time(s)
Users logging in through sshd:
dmah:
S01060014d1c755f4.cg.shawcable.net (70.72.36.38): 1 time
Received disconnect:
11: disconnected by user
70.72.36.38 : 1 Time(s)
**Unmatched Entries**
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
error: Could not get shadow information for NOUSER
warning: can't get client address: Connection reset by peer
---------------------- SSHD End -------------------------
--------------------- Syslogd Begin ------------------------
Syslogd started 1 Time(s)
---------------------- Syslogd End -------------------------
--------------------- vpopmail Begin ------------------------
No Such User Found:
cbird@ - 1 Time(s)
---------------------- vpopmail End -------------------------
------------------ Disk Space --------------------
/dev/hda3 72G 57G 12G 84% /
/dev/hda1 92M 6.3M 81M 8% /boot
###################### LogWatch End #########################
More information about the Sysadmin
mailing list