Fwd: Cron <root at linode01> /root/bin/send_stats.sh

Karsten 'quaid' Wade kwade at redhat.com
Sun Dec 15 19:05:26 UTC 2013 

I presume I'm not the only one getting this. I believe the script is one
that I wrote to backup the stats to another machine.

Is this something we can safely turn off? Meaning, stats are now being
gathered and backed-up in another way?


-------- Original Message --------
Subject: Cron <root at linode01> /root/bin/send_stats.sh
Date: Sat, 14 Dec 2013 18:00:02 -0500 (EST)
From: root at linode01.ovirt.org (Cron Daemon)
To: root at linode01.ovirt.org

Sending logs to a host far far away
Processing logfile /var/log/httpd/access_log-20131213.gz
Pseudo-terminal will not be allocated because stdin is not a terminal.
Address 31.15.26.3 maps to lists.ovirt.org, but this does not map back
to the address - POSSIBLE BREAK-IN ATTEMPT!
Last failed login: Sat Dec 14 22:52:02 UTC 2013 from 61.147.74.149 on
ssh:notty
There were 10940 failed login attempts since the last successful login.
Address 31.15.26.3 maps to lists.ovirt.org, but this does not map back
to the address - POSSIBLE BREAK-IN ATTEMPT!
/var/log/httpd/access_log-20131213.gz sent to
stats.ovirt.org:/var/log/awstats/linode01.ovirt.org/
Processing logfile /var/log/httpd/lists.ovirt.org-access_log-20131213.gz
Pseudo-terminal will not be allocated because stdin is not a terminal.
Address 31.15.26.3 maps to lists.ovirt.org, but this does not map back
to the address - POSSIBLE BREAK-IN ATTEMPT!
Last failed login: Sat Dec 14 22:52:02 UTC 2013 from 61.147.74.149 on
ssh:notty
There were 10940 failed login attempts since the last successful login.
Address 31.15.26.3 maps to lists.ovirt.org, but this does not map back
to the address - POSSIBLE BREAK-IN ATTEMPT!
/var/log/httpd/lists.ovirt.org-access_log-20131213.gz sent to
stats.ovirt.org:/var/log/awstats/lists.ovirt.org/
Processing logfile /var/log/httpd/resources.ovirt.org-access_log-20131213.gz
Pseudo-terminal will not be allocated because stdin is not a terminal.
Address 31.15.26.3 maps to lists.ovirt.org, but this does not map back
to the address - POSSIBLE BREAK-IN ATTEMPT!
Last failed login: Sat Dec 14 22:52:02 UTC 2013 from 61.147.74.149 on
ssh:notty
There were 10940 failed login attempts since the last successful login.
Address 31.15.26.3 maps to lists.ovirt.org, but this does not map back
to the address - POSSIBLE BREAK-IN ATTEMPT!
/var/log/httpd/resources.ovirt.org-access_log-20131213.gz sent to
stats.ovirt.org:/var/log/awstats/resources.ovirt.org/
And they lived happily ever after



-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 255 bytes
Desc: OpenPGP digital signature
URL: <http://lists.ovirt.org/pipermail/infra/attachments/20131215/c09c5421/attachment.sig>

More information about the Infra mailing list