Logwatch for linode01.ovirt.org (Linux)
logwatch at lists.ovirt.org
logwatch at lists.ovirt.org
Sat Dec 28 08:14:46 UTC 2013
################### Logwatch 7.3.6 (05/19/07) ####################
Processing Initiated: Sat Dec 28 03:14:46 2013
Date Range Processed: yesterday
( 2013-Dec-27 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host: linode01.ovirt.org
##################################################################
--------------------- httpd Begin ------------------------
A total of 1 sites probed the server
212.90.148.101
A total of 3 possible successful probes were detected (the following URLs
contain strings that match one or more of a listing of strings that
indicate a possible exploit):
/user.php?caselist[bad_file.txt][path]=http://www.google.com/humans.txt?&command=cat%20/etc/passwd HTTP Response 302
/sid=XXXXXXXXXXXXXXXXXXXXXXXXXXXX&shopid=http://www.google.com/humans.txt? HTTP Response 302
/gepi/gestion/savebackup.php?filename=http://www.google.com/humans.txt?&cmd=cat/etc/passwd HTTP Response 302
Requests with error response codes
403 Forbidden
/wordpress/wp-admin/: 2 Time(s)
404 Not Found
//administrator/components/com_jinc/classe ... pload_image.php: 6 Time(s)
//components/com_jinc/classes/graphics/php ... pload_image.php: 5 Time(s)
//components/com_jnews/includes/openflashc ... pload_image.php: 1 Time(s)
//images/stories/3xp.php: 2 Time(s)
/_______: 1 Time(s)
/__mailman/listinfo/users: 1 Time(s)
/admin.php: 1 Time(s)
/admin/: 1 Time(s)
/admin/banner_manager.php/login.php: 1 Time(s)
/admin/board: 4 Time(s)
/admin/categories.php/login.php: 1 Time(s)
/admin/categories.php/login.php?cPath=&act ... product_preview: 1 Time(s)
/admin/file_manager.php/login.php: 1 Time(s)
/admin/login.php: 1 Time(s)
/admin/sqlpatch.php/password_forgotten.php?action=execute: 1 Time(s)
/administrator/index.php: 1 Time(s)
/bitrix/admin/index.php?lang=en: 1 Time(s)
/blog/wp-admin/: 2 Time(s)
/board: 8 Time(s)
/category/news/feed: 1 Time(s)
/category/news/feed/: 15 Time(s)
/favicon.ico: 442 Time(s)
/fckeditor/editor/filemanager/upload/test.html: 1 Time(s)
/listinfo/board: 4 Time(s)
/mailman/project-planning/2011-September/000283.html: 1 Time(s)
/meetings/ovirt/2012/ovirt.2013-01-09-15.01.html: 2 Time(s)
/meetings/ovirt/2012/ovirt.2013-01-09-15.01.log.html: 2 Time(s)
/pipermail/infra/2012-December/001733.html ... voiy.ru//xp.php: 4 Time(s)
/pipermail/infra/2012-December/wp-content/ ... voiy.ru//xp.php: 1 Time(s)
/pipermail/infra/2012-October/001166.html& ... ?action=execute: 1 Time(s)
/pipermail/infra/2012-October/001233.html& ... r.php/login.php: 2 Time(s)
/pipermail/infra/2012-October/001233.html& ... s.php/login.php: 1 Time(s)
/pipermail/infra/2012-October/admin/banner ... r.php/login.php: 1 Time(s)
/pipermail/infra/2012-October/admin/catego ... product_preview: 1 Time(s)
/pipermail/infra/2012-October/admin/categories.php/login.php: 1 Time(s)
/pipermail/infra/2012-October/admin/file_m ... r.php/login.php: 1 Time(s)
/pipermail/infra/2012-October/admin/sqlpat ... ?action=execute: 1 Time(s)
/pipermail/infra/2013-December//administra ... pload_image.php: 5 Time(s)
/pipermail/infra/2013-December//components ... pload_image.php: 6 Time(s)
/pipermail/infra/2013-December/004585.html ... pload_image.php: 10 Time(s)
/pipermail/infra/2013-February/001992.html ... cl%2Fspydee.php: 2 Time(s)
/pipermail/infra/2013-February/002129.html ... voiy.ru//xp.php: 2 Time(s)
/pipermail/infra/2013-February/wp-content/ ... cl%2Fspydee.php: 1 Time(s)
/pipermail/infra/2013-February/wp-content/ ... voiy.ru//xp.php: 1 Time(s)
/pipermail/infra/2013-March/tiki-register.php: 3 Time(s)
/pipermail/infra/2013-May/002991.html& ... rd.php?id=byroe: 1 Time(s)
/pipermail/infra/2013-May/003102.html& ... voiy.ru//xp.php: 2 Time(s)
/pipermail/infra/2013-May/wp-content/theme ... voiy.ru//xp.php: 1 Time(s)
/pipermail/infra/2013-May/zboard.php?id=byroe: 1 Time(s)
/pipermail/infra/2013-October//administrat ... pload_image.php: 1 Time(s)
/pipermail/infra/2013-October//components/ ... pload_image.php: 1 Time(s)
/pipermail/infra/2013-October/004039.html& ... pload_image.php: 10 Time(s)
/pipermail/node-patches/2013-march/004623.html: 1 Time(s)
/pipermail/user/register: 2 Time(s)
/pipermail/users/2012-April//images/stories/3xp.php: 2 Time(s)
/pipermail/users/2012-April/007177.html+++ ... F0%E0%E2%EA%E8;: 3 Time(s)
/releases//3.3/rpm/EL/6Server/repodata/695 ... -primary.xml.gz: 1 Time(s)
/releases/3.2/rpm/EL/20/repodata/repomd.xml: 7 Time(s)
/releases/3.3.2/rpm/Fedora/16/repodata/repomd.xml: 1 Time(s)
/releases/3.3.2/rpm/Fedora/17/repodata/repomd.xml: 10 Time(s)
/releases/3.3.2/rpm/Fedora/19/repodata/1ea ... ists.sqlite.bz2: 1 Time(s)
/releases/3.3.2/rpm/Fedora/20/repodata/repomd.xml: 218 Time(s)
/releases/alpha/rpm/Fedora/20/repodata/repomd.xml: 48 Time(s)
/releases/beta/rpm/Fedora/$releasever/: 1 Time(s)
/releases/beta/rpm/Fedora/18/repodata/repomd.xml: 4 Time(s)
/releases/beta/rpm/Fedora/20/repodata/repomd.xml: 91 Time(s)
/releases/nightly/RHEL/6/repodata/repomd.xml: 2 Time(s)
/releases/nightly/fedora/16/: 1 Time(s)
/releases/nightly/fedora/16/ovirt-engine.repo: 1 Time(s)
/releases/nightly/fedora/16/repodata/repomd.xml: 240 Time(s)
/releases/nightly/fedora/17: 1 Time(s)
/releases/nightly/rpm/EL/6/SRPMS/ovirt-eng ... 912.el6.src.rpm: 1 Time(s)
/releases/nightly/rpm/EL/6/SRPMS/ovirt-eng ... 953.el6.src.rpm: 1 Time(s)
/releases/nightly/rpm/EL/6/SRPMS/vdsm-4.13 ... a97.el6.src.rpm: 1 Time(s)
/releases/nightly/rpm/EL/6/hooks/vdsm-hook ... .el6.noarch.rpm: 1 Time(s)
/releases/nightly/rpm/Fedora/17/noarch/: 1 Time(s)
/releases/nightly/rpm/Fedora/17/repodata/repomd.xml: 2 Time(s)
/releases/nightly/rpm/Fedora/19/SRPMS/ovir ... 07.fc19.src.rpm: 1 Time(s)
/releases/nightly/rpm/Fedora/19/SRPMS/ovir ... 50.fc19.src.rpm: 1 Time(s)
/releases/nightly/rpm/Fedora/19/SRPMS/ovir ... f7.fc19.src.rpm: 1 Time(s)
/releases/nightly/rpm/Fedora/19/SRPMS/vdsm ... 1e.fc19.src.rpm: 1 Time(s)
/releases/nightly/rpm/Fedora/19/SRPMS/vdsm ... 4d.fc19.src.rpm: 1 Time(s)
/releases/nightly/rpm/Fedora/19/repodata/0 ... ther.sqlite.bz2: 6 Time(s)
/releases/nightly/rpm/Fedora/19/repodata/8 ... -primary.xml.gz: 1 Time(s)
/releases/nightly/rpm/el/6/repodata/repomd.xml: 13 Time(s)
/releases/o: 1 Time(s)
/releases/ovirt-fedora.noarch.rpm: 1 Time(s)
/releases/ovirt-release-centos.noarch.rpm: 1 Time(s)
/releases/ovirt-release-el6-8-1.noarch.rpm: 7 Time(s)
/releases/ovirt-release-el6.noarch.rpm: 1 Time(s)
/releases/ovirt-release-fedora-4-2.noarch.rpm: 1 Time(s)
/releases/ovirt-release-fedora.noarch.rpm%e2%80%9d: 1 Time(s)
/releases/ovirt-release-fedora.noarch.rpm/ ... data/repomd.xml: 2 Time(s)
/releases/stable/binary/: 5 Time(s)
/releases/stable/fedora/16/repodata/filelists.xml.gz: 24 Time(s)
/releases/stable/fedora/16/repodata/repomd.xml: 250 Time(s)
/releases/stable/ovirt-engine.repo: 1 Time(s)
/releases/stable/rpm/EL/$releaserver: 1 Time(s)
/releases/stable/rpm/EL/6.2/repodata/repomd.xml: 2 Time(s)
/releases/stable/rpm/EL/6/images/pxeboot/: 1 Time(s)
/releases/stable/rpm/EL/6/repodata/69581d4 ... -primary.xml.gz: 1 Time(s)
/releases/stable/rpm/EL/6Workstation/repodata/repomd.xml: 2 Time(s)
/releases/stable/rpm/EL6/6/repodata/repomd.xml: 2 Time(s)
/releases/stable/rpm/EL6/6Workstation/repodata/repomd.xml: 2 Time(s)
/releases/stable/rpm/Fedora//repodata/repomd.xml: 1 Time(s)
/releases/stable/rpm/Fedora/15/repodata/repomd.xml: 14 Time(s)
/releases/stable/rpm/Fedora/16/repodata/repomd.xml: 16 Time(s)
/releases/stable/rpm/Fedora/19/repodata/51 ... ists.sqlite.bz2: 1 Time(s)
/releases/stable/rpm/Fedora/20/repodata/re ... 5bErrno%2014%5d: 2 Time(s)
/releases/stable/rpm/Fedora/20/repodata/repomd.xml: 420 Time(s)
/releases/stable/rpm/Fedora/repodata/repomd.xml: 8 Time(s)
/releases/updates-testing/rpm/Fedora/20/repodata/repomd.xml: 72 Time(s)
/releases/user/register: 1 Time(s)
/robots.txt: 81 Time(s)
/user/: 1 Time(s)
/user/register: 2 Time(s)
/wp-admin/: 2 Time(s)
/wp-content/themes/multidesign/scripts/ima ... voiy.ru//xp.php: 1 Time(s)
/wp-content/themes/welcome_inn/thumb.php?s ... cl%2Fspydee.php: 1 Time(s)
/wp-login.php: 6 Time(s)
/wp-login.php?action=register: 8 Time(s)
/wp/wp-admin/: 2 Time(s)
/zboard.php?id=byroe: 1 Time(s)
416 Request Range Not Satisfiable
/releases/stable/rpm/Fedora/18/noarch/ovir ... -7-1.noarch.rpm: 1 Time(s)
/releases/stable/rpm/Fedora/18/noarch/ovir ... fc18.noarch.rpm: 4 Time(s)
---------------------- httpd End -------------------------
--------------------- Postfix Begin ------------------------
14 *Warning: Pre-queue content-filter connection overload
11.955M Bytes accepted 12,535,300
74.876M Bytes delivered 78,513,420
======== ================================================
827 Accepted 99.40%
5 Rejected 0.60%
-------- ------------------------------------------------
832 Total 100.00%
======== ================================================
2 Reject relay denied 40.00%
3 Reject unknown user 60.00%
-------- ------------------------------------------------
5 Total Rejects 100.00%
======== ================================================
690 Connections made
690 Disconnections
817 Removed from queue
428 Delivered
8437 Sent via SMTP
7 Forwarded
40 Deferred
333 Deferrals
1 Bounce (local)
1 Bounce (remote)
2 Expired and returned to sender
4 DSNs undeliverable
245 Connection failure (outbound)
16 Timeout (inbound)
98 Hostname verification errors
55 Enabled PIX workaround
**Unmatched Entries**
1 Dec 27 13:21:18 linode01 postfix/smtp[10751]: 5FB1AC263: host emailgw02.pnnl.gov[2620:0:50f0:2309:192:101:109:63] refused to talk to me: 554 emailgw02.pnnl.gov
1 Dec 27 23:09:13 linode01 postfix/smtp[19545]: 33FC5C1E2: host emailgw02.pnnl.gov[2620:0:50f0:2309:192:101:109:63] refused to talk to me: 554 emailgw02.pnnl.gov
1 Dec 27 06:10:12 linode01 postfix/smtp[4587]: 86B2FC181: host emailgw01.pnnl.gov[2620:0:50f0:2309:192:101:109:61] refused to talk to me: 554 Emailgw01.pnnl.gov
1 Dec 27 07:47:38 linode01 postfix/smtp[5928]: D48ABC1DB: host emailgw01.pnnl.gov[2620:0:50f0:2309:192:101:109:61] refused to talk to me: 554 Emailgw01.pnnl.gov
1 Dec 27 23:09:13 linode01 postfix/smtp[19604]: 33FC5C1E2: host mailgateway.anl.gov[2620:0:dc0:1805::28] refused to talk to me: 554-mailgateway.anl.gov 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
1 Dec 27 13:20:17 linode01 postfix/smtp[10731]: D98DDC1E0: host mailfilter2.netspot.com.au[2400:7d00:110:2::202] refused to talk to me: 554-int-mailfilter-prod-ame1a.ame1.netspot.com.au 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
1 Dec 27 07:47:38 linode01 postfix/smtp[5949]: D48ABC1DB: host mailgateway.anl.gov[2620:0:dc0:1805::28] refused to talk to me: 554-mailgateway.anl.gov 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
1 Dec 27 16:54:20 linode01 postfix/smtp[13708]: AB57BC1E0: host emailgw01.pnnl.gov[2620:0:50f0:2309:192:101:109:61] refused to talk to me: 554 Emailgw01.pnnl.gov
1 Dec 27 13:21:28 linode01 postfix/smtp[10784]: 073B4C266: host emailgw02.pnnl.gov[2620:0:50f0:2309:192:101:109:63] refused to talk to me: 554 emailgw02.pnnl.gov
1 Dec 27 13:21:18 linode01 postfix/smtp[10761]: 5FB1AC263: host mailgateway.anl.gov[2620:0:dc0:1805::28] refused to talk to me: 554-mailgateway.anl.gov 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
1 Dec 27 13:21:28 linode01 postfix/smtp[10724]: 073B4C266: host mailgateway.anl.gov[2620:0:dc0:1805::28] refused to talk to me: 554-mailgateway.anl.gov 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
1 Dec 27 23:09:13 linode01 postfix/smtp[19545]: 33FC5C1E2: host emailgw01.pnnl.gov[2620:0:50f0:2309:192:101:109:61] refused to talk to me: 554 Emailgw01.pnnl.gov
1 Dec 27 06:10:12 linode01 postfix/smtp[4587]: 86B2FC181: host emailgw02.pnnl.gov[2620:0:50f0:2309:192:101:109:63] refused to talk to me: 554 emailgw02.pnnl.gov
1 Dec 27 13:21:10 linode01 postfix/smtp[10751]: C7EACC213: host emailgw02.pnnl.gov[2620:0:50f0:2309:192:101:109:63] refused to talk to me: 554 emailgw02.pnnl.gov
1 Dec 27 07:47:38 linode01 postfix/smtp[5928]: D48ABC1DB: host emailgw02.pnnl.gov[2620:0:50f0:2309:192:101:109:63] refused to talk to me: 554 emailgw02.pnnl.gov
1 Dec 27 07:47:40 linode01 postfix/smtp[5963]: 1FA6AC215: host mailgateway.anl.gov[2620:0:dc0:1805::28] refused to talk to me: 554-mailgateway.anl.gov 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
1 Dec 27 13:21:09 linode01 postfix/smtp[10750]: C7EACC213: host mailgateway.anl.gov[2620:0:dc0:1805::28] refused to talk to me: 554-mailgateway.anl.gov 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
1 Dec 27 13:21:10 linode01 postfix/smtp[10751]: C7EACC213: host emailgw01.pnnl.gov[2620:0:50f0:2309:192:101:109:61] refused to talk to me: 554 Emailgw01.pnnl.gov
1 Dec 27 13:21:28 linode01 postfix/smtp[10784]: 073B4C266: host emailgw01.pnnl.gov[2620:0:50f0:2309:192:101:109:61] refused to talk to me: 554 Emailgw01.pnnl.gov
1 Dec 27 13:21:18 linode01 postfix/smtp[10751]: 5FB1AC263: host emailgw01.pnnl.gov[2620:0:50f0:2309:192:101:109:61] refused to talk to me: 554 Emailgw01.pnnl.gov
1 Dec 27 16:54:20 linode01 postfix/smtp[13708]: AB57BC1E0: host emailgw02.pnnl.gov[2620:0:50f0:2309:192:101:109:63] refused to talk to me: 554 emailgw02.pnnl.gov
1 Dec 27 06:10:11 linode01 postfix/smtp[4669]: 86B2FC181: host mailgateway.anl.gov[2620:0:dc0:1805::28] refused to talk to me: 554-mailgateway.anl.gov 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
1 Dec 27 16:54:19 linode01 postfix/smtp[13723]: AB57BC1E0: host mailgateway.anl.gov[2620:0:dc0:1805::28] refused to talk to me: 554-mailgateway.anl.gov 554 Your access to this mail system has been rejected due to the sending MTA's poor reputation. If you believe that this failure is in error, please contact the intended recipient via alternate means.
---------------------- Postfix End -------------------------
--------------------- sendmail-largeboxes (large mail spool files) Begin ------------------------
Large Mailbox threshold: 40MB (41943040 bytes)
Warning: Large mailbox: jenkins (45687666)
---------------------- sendmail-largeboxes (large mail spool files) End -------------------------
--------------------- SSHD Begin ------------------------
Users logging in through sshd:
gerrit-backup:
107.22.212.69 (gerrit.ovirt.org): 2 times
jenkins:
66.187.237.11 (nat-pool-tlv-u1.redhat.com): 1 time
Received disconnect:
11: Bye Bye : 390 Time(s)
11: Goodbye : 2 Time(s)
11: disconnected by user : 2 Time(s)
SFTP subsystem requests: 1 Time(s)
**Unmatched Entries**
reverse mapping checking getaddrinfo for dsl-187-139-26-169-dyn.prod-infinitum.com.mx [187.139.26.169] failed - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/xvda 59G 52G 7.8G 87% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################
More information about the Infra
mailing list