Logwatch for linode01.ovirt.org (Linux)

logwatch at lists.ovirt.org
Sat Aug 15 07:22:21 UTC 2015


 ################### Logwatch 7.3.6 (05/19/07) #################### 
        Processing Initiated: Sat Aug 15 03:22:21 2015
        Date Range Processed: yesterday
                              ( 2015-Aug-14 )
                              Period is day.
      Detail Level of Output: 0
              Type of Output: unformatted
           Logfiles for Host: linode01.ovirt.org
  ################################################################## 
 
 --------------------- Cron Begin ------------------------ 

 MAIL sending errors 9 Time(s)
 
 ---------------------- Cron End ------------------------- 

 
 --------------------- httpd Begin ------------------------ 

 
 A total of 2 sites probed the server 
    119.147.146.192
    5.254.112.68
 
 A total of 1 possible successful probes were detected (the following URLs
 contain strings that match one or more of a listing of strings that
 indicate a possible exploit):
 
    /\xe8\x81\xbd HTTP Response 302 
 
 Requests with error response codes
    404 Not Found
       /: 536 Time(s)
       //wp-admin/admin-ajax.php: 2 Time(s)
       //wp-admin/admin-ajax.php?action=showbiz_s ... ./wp-config.php: 1 Time(s)
       /____**: 1 Time(s)
       /_h5ai/client/images/app-16x16.ico: 13 Time(s)
       /admin.php: 1 Time(s)
       /admin.php:: 1 Time(s)
       /admin/assets/global/plugins/jquery-file-u ... r/php/index.php: 2 Time(s)
       /admin/assets/jquery-file-upload/server/php/index.php: 2 Time(s)
       /admin/assets/plugins/jquery-file-upload/s ... r/php/index.php: 2 Time(s)
       /admin/bigdump.php: 1 Time(s)
       /admin/dump/bigdump.php: 2 Time(s)
       /admin/elfinder/elfinder.php.html: 2 Time(s)
       /admin/global/plugins/jquery-file-upload/s ... r/php/index.php: 2 Time(s)
       /admin/jquery-file-upload/server/php/index.php: 2 Time(s)
       /admin/js/upload/server/php/index.php: 2 Time(s)
       /admin/upload/server/php/index.php: 2 Time(s)
       /administrator/: 1 Time(s)
       /administrator/lib/elfinder/elfinder.php.html: 1 Time(s)
       /apple-touch-icon-precomposed.png: 3 Time(s)
       /apple-touch-icon.png: 3 Time(s)
       /assets/admin/jquery-file-upload/server/php/index.php: 2 Time(s)
       /assets/global/plugins/jquery-file-upload/ ... r/php/index.php: 2 Time(s)
       /assets/jquery-file-upload/server/php/index.php: 2 Time(s)
       /assets/js/vendor/jquery-file-upload/server/php/index.php: 2 Time(s)
       /assets/plugins/jquery-file-upload/server/php/index.php: 1 Time(s)
       /backup/bigdump.php: 2 Time(s)
       /backup/bigdump/bigdump.php: 2 Time(s)
       /bd/bigdump/bigdump.php: 2 Time(s)
       /bigdump.php: 2 Time(s)
       /bigdump/bigdump.php: 2 Time(s)
       /blog/bigdump.php: 2 Time(s)
       /blog/wp-admin/: 16 Time(s)
       /blog/wp-login.php: 2 Time(s)
       /browserconfig.xml: 2 Time(s)
       /category/news/feed: 1 Time(s)
       /category/news/feed/: 12 Time(s)
       /data/bigdump.php: 2 Time(s)
       /database/bigdump.php: 2 Time(s)
       /database/bigdump/bigdump.php: 1 Time(s)
       /db/bigdump.php: 2 Time(s)
       /dbreports/dwh: 1 Time(s)
       /drupal/sites/all/libraries/elfinder/elfinder.php.html: 2 Time(s)
       /dump/bigdump.php: 2 Time(s)
       /dump/bigdump/bigdump.php: 2 Time(s)
       /elfinder.php.html: 2 Time(s)
       /elfinder/elfinder.php.html: 2 Time(s)
       /favicon.ico: 579 Time(s)
       /files/bigdump.php: 1 Time(s)
       /finder/elfinder.php.html: 2 Time(s)
       /forum/bigdump.php: 2 Time(s)
       /global/plugins/jquery-file-upload/server/php/index.php: 2 Time(s)
       /html/lib/elfinder/elfinder.php.html: 2 Time(s)
       /incdata/admin_inc_data.asp:: 1 Time(s)
       /index.php?gf_page=upload: 2 Time(s)
       /index.php?option=com_adsmanager&task=upload&tmpl=component: 2 Time(s)
       /js/elfinder/elfinder.php.html: 2 Time(s)
       /js/jquery-file-upload/server/php/index.php: 1 Time(s)
       /js/lib/upload/server/php/index.php: 2 Time(s)
       /js/upload/server/php/index.php: 2 Time(s)
       /js/uploader/server/php/index.php: 2 Time(s)
       /lib/elfinder/elfinder.php.html: 2 Time(s)
       /lists.ovirt.org/pi: 1 Time(s)
       /mailman/lis: 1 Time(s)
       /market/bigdump.php: 2 Time(s)
       /metronic/assets/global/plugins/jquery-fil ... r/php/index.php: 2 Time(s)
       /metronic/global/plugins/jquery-file-uploa ... r/php/index.php: 2 Time(s)
       /metronic/theme_rtl/assets/global/plugins/ ... r/php/index.php: 2 Time(s)
       /mysql/bigdump.php: 2 Time(s)
       /mysql/bigdump/bigdump.php: 2 Time(s)
       /old/bigdump.php: 2 Time(s)
       /old/wp-admin/: 16 Time(s)
       /pipermail/Search.action: 1 Time(s)
       /pipermail/devel/2012-january/000483.html: 1 Time(s)
       /pipermail/download.action: 1 Time(s)
       /pipermail/download.do: 1 Time(s)
       /pipermail/engine-devel/2011-november/000071.html: 1 Time(s)
       /pipermail/engine-patches/2013-November/subject.html: 5 Time(s)
       /pipermail/engine-patches/2014-March/subject.html: 4 Time(s)
       /pipermail/index.action: 3 Time(s)
       /pipermail/infra/2012-August/tiki-register.php: 162 Time(s)
       /pipermail/infra/2012-December/tiki-register.php: 295 Time(s)
       /pipermail/infra/2012-October/001233.html/trackback/: 1 Time(s)
       /pipermail/infra/2013-August/tiki-register.php: 1 Time(s)
       /pipermail/infra/2013-December/004645.html ... oder.com/up.php: 1 Time(s)
       /pipermail/infra/2013-December/tiki-register.php: 149 Time(s)
       /pipermail/infra/2013-December/wp-content/ ... oder.com/up.php: 1 Time(s)
       /pipermail/infra/2013-July/003447.html&amp ... zette/thumb.php: 2 Time(s)
       /pipermail/infra/2013-July/wp-content/them ... zette/thumb.php: 2 Time(s)
       /pipermail/infra/2013-June/003199.html&amp ... es/timthumb.php: 2 Time(s)
       /pipermail/infra/2013-June/wp-content/them ... es/timthumb.php: 2 Time(s)
       /pipermail/infra/2013-June/wp-content/them ... i.com%2Fbad.php: 2 Time(s)
       /pipermail/infra/2013-June/xmlrpc.php: 2 Time(s)
       /pipermail/infra/2013-March/tiki-register.php: 3 Time(s)
       /pipermail/infra/2013-May/003102.html+memb ... isolate&ct=clnk: 1 Time(s)
       /pipermail/infra/2013-May/003102.html+memb ... much+as&ct=clnk: 1 Time(s)
       /pipermail/infra/2013-May/tiki-register.php: 5 Time(s)
       /pipermail/infra/2014-December/xmlrpc.php: 2 Time(s)
       /pipermail/infra/2015-February/wp-admin/ad ... ./wp-config.php: 1 Time(s)
       /pipermail/infra/2015-January/009041.html& ... oL4kpSvYbI5Spw/: 1 Time(s)
       /pipermail/infra/2015-January/009046.html& ... lGPIdBfuKjvLDQ/: 1 Time(s)
       /pipermail/infra/2015-January/wp-content/t ... i.com%2Fbad.php: 3 Time(s)
       /pipermail/infra/2015-January/xmlrpc.php: 3 Time(s)
       /pipermail/infra/2015-June//wp-admin/admin ... ./wp-config.php: 1 Time(s)
       /pipermail/infra/2015-March//wp-admin/admin-ajax.php: 2 Time(s)
       /pipermail/kimchi-devel/2014-February/002229.html/trackback/: 1 Time(s)
       /pipermail/login.action: 1 Time(s)
       /pipermail/login.do: 1 Time(s)
       /pipermail/users/2012-June/002466.html,: 1 Time(s)
       /pipermail/users/2014-January/020652.html/trackback/: 1 Time(s)
       /pipermail/users/2014-february/020790.html: 1 Time(s)
       /pipermail/users/attachments/20150126/c386 ... 01.html>: 1 Time(s)
       /plain/pub/ovirt-3.4-snapshot-static/rpm/f ... 96-other.xml.gz: 1 Time(s)
       /plain/pub/ovirt-3.5-snapshot-static/rpm/e ... 3f-other.xml.gz: 1 Time(s)
       /plain/pub/ovirt-3.5-snapshot-static/rpm/f ... 52-other.xml.gz: 1 Time(s)
       /plain/pub/ovirt-master-snapshot-static/rp ... -primary.xml.gz: 1 Time(s)
       /plain/pub/ovirt-master-snapshot/rpm/centos/SRPMS/: 1 Time(s)
       /plain/pub/ovirt-master-snapshot/rpm/fc22/ ... 4a-other.xml.gz: 1 Time(s)
       /plugin/jquery-file-upload/server/php/index.php: 2 Time(s)
       /plugins/jquery-file-upload/server/php/index.php: 2 Time(s)
       /pub/ovirt-3.4-snapshot-: 1 Time(s)
       /pub/ovirt-3.4-snapshot-static/rpm/fc19/re ... 96-other.xml.gz: 1 Time(s)
       /pub/ovirt-3.4-snapshot/src/ovirt-engine-a ... 0140518.tar.gz/: 1 Time(s)
       /pub/ovirt-3.4/rpm/el6//.treeinfo: 6 Time(s)
       /pub/ovirt-3.4/rpm/el6//treeinfo: 6 Time(s)
       /pub/ovirt-3.5-pre/iso/ovirt-node-iso-3.5. ... 0140630.el6.iso: 2 Time(s)
       /pub/ovirt-3.5-pre/rpm/el7/ppc64/: 2 Time(s)
       /pub/ovirt-3.5-pre/src/kexec-tools/: 1 Time(s)
       /pub/ovirt-3.5-pre/src/qemu-kvm-ev/kvm-uhc ... atch/trackback/: 4 Time(s)
       /pub/ovirt-3.5-snapshot-static/rpm/el6/rep ... -primary.xml.gz: 1 Time(s)
       /pub/ovirt-3.5-snapshot-static/rpm/el6/rep ... 3f-other.xml.gz: 1 Time(s)
       /pub/ovirt-3.5-snapshot-static/rpm/fc19/re ... 52-other.xml.gz: 1 Time(s)
       /pub/ovirt-3.5-snapshot/rpm/el$releasever/: 1 Time(s)
       /pub/ovirt-3.5-snapshot/rpm/el6/repodata/repomd.xml: 2 Time(s)
       /pub/ovirt-3.5-snapshot/rpm/el7/repodata/6 ... ther.sqlite.bz2: 4 Time(s)
       /pub/ovirt-3.5-snapshot/rpm/el7/repodata/repomd.xml: 2 Time(s)
       /pub/ovirt-3.5-snapshot/rpm/fc21/repodata/repomd.xml: 2 Time(s)
       /pub/ovirt-3.5-snapshot/src/ovirt-engine-a ... 0140924.tar.gz/: 1 Time(s)
       /pub/ovirt-3.5-snapshot/src/ovirt-engine-a ... 0141222.tar.gz/: 1 Time(s)
       /pub/ovirt-3.5-snapshot/src/ovirt-engine-a ... 0150717.tar.gz/: 1 Time(s)
       /pub/ovirt-3.5/rpm/el6.6/noarch.rpm: 1 Time(s)
       /pub/ovirt-3.5/rpm/el6/.treeinfo: 7 Time(s)
       /pub/ovirt-3.5/rpm/el6/treeinfo: 7 Time(s)
       /pub/ovirt-3.5/rpm/el7/.treeinfo: 4 Time(s)
       /pub/ovirt-3.5/rpm/el7/repodata/76575f5d66 ... mary.sqlite.bz2: 1 Time(s)
       /pub/ovirt-3.5/rpm/el7/treeinfo: 4 Time(s)
       /pub/ovirt-3.5/rpm/el7Server/.treeinfo: 2 Time(s)
       /pub/ovirt-3.5/rpm/el7Server/treeinfo: 2 Time(s)
       /pub/ovirt-3.6-pre/iso/ovirt-node/>: 2 Time(s)
       /pub/ovirt-3.6-pre/rpm/el7/.treeinfo: 2 Time(s)
       /pub/ovirt-3.6-pre/rpm/el7/treeinfo: 2 Time(s)
       /pub/ovirt-3.6-pre/rpm/fc: 1 Time(s)
       /pub/ovirt-3.6-pre/rpm/fc$releasever/: 1 Time(s)
       /pub/ovirt-3.6-pre/rpm/fc20/repodata/repomd.xml: 3 Time(s)
       /pub/ovirt-3.6-snapshot-static/rpm/el6Work ... ilelists.xml.gz: 1 Time(s)
       /pub/ovirt-3.6-snapshot/rpm/el6Workstation ... data/repomd.xml: 1 Time(s)
       /pub/ovirt-master-snapshot-static/iso/ovir ... tools-3.5_5.iso: 26 Time(s)
       /pub/ovirt-master-snapshot-static/rpm/%40d ... data/repomd.xml: 1 Time(s)
       /pub/ovirt-master-snapshot-static/rpm/fc19 ... data/repomd.xml: 1 Time(s)
       /pub/ovirt-master-snapshot-static/rpm/fc20: 1 Time(s)
       /pub/ovirt-master-snapshot-static/rpm/fc20 ... data/repomd.xml: 35 Time(s)
       /pub/ovirt-master-snapshot-static/rpm/fc20 ... mary.sqlite.bz2: 2 Time(s)
       /pub/ovirt-master-snapshot-static/rpm/fc20 ... ther.sqlite.bz2: 1 Time(s)
       /pub/ovirt-master-snapshot-static/rpm/fc20/noarch/: 1 Time(s)
       /pub/ovirt-master-snapshot-static/rpm/fc22 ... -primary.xml.gz: 1 Time(s)
       /pub/ovirt-master-snapshot-static/rpm/fc7/ ... data/repomd.xml: 1 Time(s)
       /pub/ovirt-master-snapshot-static/rpm/fc at 2 ... data/repomd.xml: 3 Time(s)
       /pub/ovirt-master-snapshot/rpm/%40distro%4 ... data/repomd.xml: 2 Time(s)
       /pub/ovirt-master-snapshot/rpm/centos/SRPMS/: 1 Time(s)
       /pub/ovirt-master-snapshot/rpm/el6/repodat ... ists.sqlite.bz2: 2 Time(s)
       /pub/ovirt-master-snapshot/rpm/el7/noarch/ ... ntos.noarch.rpm: 13 Time(s)
       /pub/ovirt-master-snapshot/rpm/el7/repodat ... ther.sqlite.bz2: 1 Time(s)
       /pub/ovirt-master-snapshot/rpm/fc19/repodata/repomd.xml: 23 Time(s)
       /pub/ovirt-master-snapshot/rpm/fc22/repoda ... 4a-other.xml.gz: 1 Time(s)
       /pub/ovirt-master-snapshot/rpm/fc7/repodata/repomd.xml: 1 Time(s)
       /pub/ovirt-master-snapshot/src/ovirt-engin ... 0150528.tar.gz/: 1 Time(s)
       /pub/ovirt-master-snapshot/src/ovirt-engin ... 0150725.tar.gz/: 1 Time(s)
       /pub/ovirt-master-snapshot/src/ovirt-engin ... tar.gz/?C=D;O=A: 1 Time(s)
       /pub/ovirt-master-snapshot/src/ovirt-engin ... tar.gz/?C=D;O=D: 2 Time(s)
       /pub/ovirt-master-snapshot/src/ovirt-engin ... tar.gz/?C=M;O=A: 3 Time(s)
       /pub/ovirt-master-snapshot/src/ovirt-engin ... tar.gz/?C=M;O=D: 1 Time(s)
       /pub/ovirt-master-snapshot/src/ovirt-engin ... tar.gz/?C=N;O=A: 6 Time(s)
       /pub/ovirt-master-snapshot/src/ovirt-engin ... tar.gz/?C=N;O=D: 2 Time(s)
       /pub/ovirt-master-snapshot/src/ovirt-engin ... tar.gz/?C=S;O=A: 2 Time(s)
       /pub/ovirt-master-snapshot/src/ovirt-engin ... tar.gz/?C=S;O=D: 1 Time(s)
       /pub/ovirt-snapshot-static/rpm/el6/repodata/repomd.xml: 2 Time(s)
       /pub/ovirt-snapshot/rpm/el6/noarch/otopi-1 ... .el6.noarch.rpm: 1 Time(s)
       /pub/ovirt-snapshot/rpm/el6/noarch/otopi-j ... .el6.noarch.rpm: 1 Time(s)
       /pub/ovirt-snapshot/rpm/el6/noarch/ovirt-e ... .el6.noarch.rpm: 14 Time(s)
       /pub/ovirt-snapshot/rpm/el6/noarch/ovirt-h ... .el6.noarch.rpm: 2 Time(s)
       /pub/ovirt-snapshot/rpm/el6/repodata/repomd.xml: 2 Time(s)
       /pub/yum-repo/oivrt-release35.rpm: 2 Time(s)
       /pub/yum-repo/ovirt-releaseXY.rpm: 1 Time(s)
       /public/scripts/elfinder/elfinder.php.html: 2 Time(s)
       /qq416080927/html.php: 1 Time(s)
       /repos/ci-tools/fc21/repodata/b2f755afdc04 ... 8f-other.xml.gz: 2 Time(s)
       /repos/clean_pub/ovirt-3.4-rc/rpm/fc20/repodata/: 1 Time(s)
       /repos/clean_pub/ovirt-3.4-rc/src/: 1 Time(s)
       /repos/clean_pub/ovirt-3.4/rpm/el6/i386/: 1 Time(s)
       /repos/ovirt-3.4.old/src/jasperreports-server/: 1 Time(s)
       /repos/ovirt-3.5-backup-2015-02-23/rpm/el7/ppc64/: 1 Time(s)
       /repos/ovirt-3.5-backup-2015-03-19/rpm/: 1 Time(s)
       /repos/ovirt-3.5-backup-2015-04-28/: 1 Time(s)
       /repos/ovirt-3.5-bak-2015-06-15/rpm/el7Workstation/ppc64/: 1 Time(s)
       /repos/ovirt-3.5-bak-2015-06-15/rpm/fc20/: 1 Time(s)
       /repos/ovirt-3.5-pre-3.5.0backup-2015-01-16/iso/: 1 Time(s)
       /repos/ovirt-3.5-pre.old/rpm/el7/repodata/ ... 7d-other.xml.gz: 1 Time(s)
       /repos/ovirt-3.6-pre-bak-2015-06-09/iso/: 2 Time(s)
       /repos/ovirt-3.6-pre-bak-2015-06-09/iso/ovirt-guest-tools/: 2 Time(s)
       /repos/ovirt-3.6-pre-bak-2015-06-09/rpm/: 1 Time(s)
       /robots.txt: 106 Time(s)
       /root/passwords: 1 Time(s)
       /scripts/elfinder/elfinder.php.html: 2 Time(s)
       /scripts/upload/server/php/index.php: 2 Time(s)
       /scripts/uploader/server/php/index.php: 2 Time(s)
       /shop/bigdump.php: 2 Time(s)
       /sitemap.xml: 1 Time(s)
       /sites/all/libraries/elfinder/elfinder.php.html: 2 Time(s)
       /sites/all/modules/elfinder/elfinder.php.html: 2 Time(s)
       /store/bigdump.php: 2 Time(s)
       /test/assets/plugins/jquery-file-upload/server/php/index.php: 2 Time(s)
       /test/wp-admin/: 15 Time(s)
       /wordpress/wp-admin/: 16 Time(s)
       /wp-admin/: 16 Time(s)
       /wp-admin/admin-ajax.php?action=revslider_ ... ./wp-config.php: 1 Time(s)
       /wp-admin/admin-ajax.php?action=revslider_ajax_action: 2 Time(s)
       /wp-content/plugins/formcraft/file-upload/ ... r/php/index.php: 2 Time(s)
       /wp-content/plugins/wysija-newsletters/readme.txt: 3 Time(s)
       /wp-content/themes/Avenue/timthumb.php?web ... i.com%2Fbad.php: 4 Time(s)
       /wp-content/themes/Nyke/timthumb.php?src=h ... oder.com/up.php: 1 Time(s)
       /wp-content/themes/gazette/thumb.php: 2 Time(s)
       /wp-content/themes/headlines/timthumb.php: 2 Time(s)
       /wp-login.php: 4 Time(s)
       /wp/wp-admin/: 16 Time(s)
       /xmlrpc.php: 15 Time(s)
    405 Method Not Allowed
       /webscan38502863.txt: 2 Time(s)
    416 Request Range Not Satisfiable
       /pub/ovirt-3.5/rpm/el7/: 1 Time(s)
    500 Internal Server Error
       /pub/: 5 Time(s)
       /pub/ovirt-3.5-pre/: 4 Time(s)
       /pub/ovirt-3.5-pre/iso/ovirt-live/el6-3.5.4_rc1/: 7 Time(s)
       /pub/ovirt-3.5/: 9 Time(s)
       /pub/ovirt-3.5/exe/: 5 Time(s)
       /pub/ovirt-3.5/exe/ovirt-guest-tools/: 1 Time(s)
       /pub/ovirt-3.5/iso/: 224 Time(s)
       /pub/ovirt-3.5/iso/ovirt-guest-tools/: 2 Time(s)
       /pub/ovirt-3.5/iso/ovirt-live/: 1 Time(s)
       /pub/ovirt-3.5/src/: 1 Time(s)
       /pub/ovirt-3.6-pre/iso/ovirt-live/el7-beta1.1/: 1 Time(s)
       /pub/ovirt-3.6-pre/iso/ovirt-live/el7-beta2/: 1 Time(s)
       /pub/ovirt-node-base-stable/: 2 Time(s)
    501 Not Implemented
       null: 9 Time(s)
    503 Service Unavailable
       /favicon.ico: 2 Time(s)
       /pub/: 7 Time(s)
       /pub/keys/: 3 Time(s)
       /pub/ovirt-3.5/: 9 Time(s)
       /pub/ovirt-3.5/iso/: 13 Time(s)
       /pub/ovirt-3.5/iso/ovirt-live/el6-3.5.3/ov ... e-el6-3.5.3.iso: 34 Time(s)
       /pub/ovirt-3.5/rpm/: 53 Time(s)
       /pub/ovirt-3.5/rpm/el6.6/: 6 Time(s)
       /pub/ovirt-3.5/rpm/el6/: 7 Time(s)
       /pub/ovirt-3.5/rpm/el7/: 7 Time(s)
       /pub/ovirt-3.5/rpm/el7Server/: 3 Time(s)
       /pub/ovirt-3.5/src/ovirt-engine-jboss-as/j ... 7.1.1.Final.zip: 258 Time(s)
       /pub/ovirt-node-base-stable/: 3 Time(s)
 
 ---------------------- httpd End ------------------------- 

 
 --------------------- Kernel Begin ------------------------ 

 
 WARNING:  Kernel Errors Present
    [<c011f140>] ? mm_fault_error+0xe0/0xe0 ...:  4 Time(s)
    [<c06903c6>] ? error_code+0x5a/0x60 ...:  3 Time(s)
 
 ---------------------- Kernel End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 su-l:
    Sessions Opened:
       sbonazzo -> root: 11 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

       17   *Fatal:   General fatal 
       10   *Warning: Error writing queue file 
        5   *Warning: Startup error 
      602   *Warning: Pre-queue content-filter connection overload 
       13   Process exited        
       99   Miscellaneous warnings 
 
   16.314M  Bytes accepted                        17,106,615
   89.730M  Bytes delivered                       94,088,546
 ========   ================================================
 
     1007   Accepted                                  95.18%
       51   Rejected                                   4.82%
 --------   ------------------------------------------------
     1058   Total                                    100.00%
 ========   ================================================
 
        1   Reject relay denied                        1.96%
       20   Reject HELO/EHLO                          39.22%
       30   Reject unknown user                       58.82%
 --------   ------------------------------------------------
       51   Total Rejects                            100.00%
 ========   ================================================
 
     1974   4xx Reject recipient address              96.62%
       69   4xx Reject sender address                  3.38%
 --------   ------------------------------------------------
     2043   Total 4xx Rejects                        100.00%
 ========   ================================================
 
     2740   Connections made      
       67   Connections lost      
     2736   Disconnections        
      959   Removed from queue    
      653   Delivered             
     8939   Sent via SMTP         
       37   Forwarded             
       57   Deferred              
      977   Deferrals             
       10   Bounce (remote)       
        4   Expired and returned to sender 
       13   DSNs undeliverable    
 
      103   Connection failure (outbound) 
        6   Timeout (inbound)     
        1   Illegal address syntax in SMTP command 
      601   Hostname verification errors 
       43   Enabled PIX workaround 
 
 
 
 
 **Unmatched Entries**
        4   Aug 14 00:00:03 linode01 postfix/smtpd[15248]: NOQUEUE: reject: MAIL from unknown[192.189.25.238]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<mail.burstono.com>
        4   Aug 14 00:20:23 linode01 postfix/smtpd[16067]: NOQUEUE: reject: MAIL from unknown[192.189.25.238]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<mail.burstono.com>
        3   Aug 14 00:19:48 linode01 postfix/smtpd[16067]: NOQUEUE: reject: MAIL from localhost[::1]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<lists.ovirt.org>
        3   Aug 14 00:04:48 linode01 postfix/smtpd[15574]: NOQUEUE: reject: MAIL from localhost[::1]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<lists.ovirt.org>
        2   Aug 14 01:50:11 linode01 postfix/smtpd[20375]: NOQUEUE: reject: MAIL from unknown[162.213.152.24]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<mail.potentil.xyz>
        2   Aug 14 00:14:42 linode01 postfix/smtpd[16065]: NOQUEUE: reject: MAIL from hvf843.kyrte.date[198.52.223.222]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<hvf843.kyrte.date>
        2   Aug 14 01:51:49 linode01 postfix/smtpd[20375]: NOQUEUE: reject: MAIL from hunan.288827.com[108.170.60.189]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<hunan.288827.com>
        2   Aug 14 00:10:40 linode01 postfix/smtpd[15829]: NOQUEUE: reject: MAIL from hotreverseerectiledysfunction.work[66.248.200.181]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<hotreverseerectiledysfunction.work>
        1   Aug 14 00:24:28 linode01 postfix/smtpd[16571]: NOQUEUE: reject: MAIL from unknown[199.96.81.67]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<raysliberty.com>
        1   Aug 14 00:08:03 linode01 postfix/smtpd[15829]: NOQUEUE: reject: MAIL from unknown[209.148.92.59]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<wadipt.xyz>
        1   Aug 14 01:18:46 linode01 postfix/smtpd[19040]: NOQUEUE: reject: MAIL from hotfatcrushersystem.work[66.248.200.184]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<hotfatcrushersystem.work>
        1   Aug 14 00:16:38 linode01 postfix/smtpd[16067]: NOQUEUE: reject: MAIL from unknown[23.239.133.184]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<roundboot.org>
        1   Aug 14 04:21:25 linode01 postfix/smtp[19967]: 6A338C392: Cannot start TLS: handshake failure
        1   Aug 14 01:52:56 linode01 postfix/smtpd[20375]: NOQUEUE: reject: MAIL from unknown[122.190.88.48]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<vnqee.net>
        1   Aug 14 00:14:42 linode01 postfix/smtpd[16067]: NOQUEUE: reject: MAIL from hvf843.kyrte.date[198.52.223.222]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<hvf843.kyrte.date>
        1   Aug 14 00:15:46 linode01 postfix/smtpd[16065]: NOQUEUE: reject: MAIL from vdj6kq1w4.kletan.date[31.220.115.142]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<vdj6kq1w4.kletan.date>
        1   Aug 14 00:10:19 linode01 postfix/smtpd[15829]: NOQUEUE: reject: MAIL from unknown[1.196.205.19]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<zsm.org>
        1   Aug 14 01:52:56 linode01 postfix/smtpd[20375]: lost connection Aug 14 02:13:28 linode01 postfix/qmgr[10658]: 56FD11B00FA: from=<users-bounces at ovirt.org>, size=24939, nrcpt=163 (queue active)
        1   Aug 14 01:19:29 linode01 postfix/smtpd[19040]: NOQUEUE: reject: MAIL from unknown[50.7.60.158]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<lqbmws.mrprivatejets.eu>
        1   Aug 14 00:02:30 linode01 postfix/smtpd[15574]: NOQUEUE: reject: MAIL from unknown[104.237.193.250]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<orangemator.com>
        1   Aug 14 01:24:11 linode01 postfix/smtpd[19459]: NOQUEUE: reject: MAIL from z6f267m.kaltin.review[66.248.196.227]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<z6f267m.kaltin.review>
        1   Aug 14 04:21:25 linode01 postfix/smtp[19967]: SSL_connect error to 126mx01.mxmail.netease.com[220.181.15.132]:25: -1
        1   Aug 14 01:08:50 linode01 postfix/smtpd[18583]: NOQUEUE: reject: MAIL from unknown[27.20.194.43]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<wjcfmoiam.com>
        1   Aug 14 00:18:17 linode01 postfix/smtpd[16067]: NOQUEUE: reject: MAIL from unknown[199.96.81.67]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<raysliberty.com>
        1   Aug 14 00:15:47 linode01 postfix/smtpd[16065]: NOQUEUE: reject: MAIL from vdj6kq1w4.kletan.date[31.220.115.142]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<vdj6kq1w4.kletan.date>
        1   Aug 14 00:10:30 linode01 postfix/smtpd[15829]: NOQUEUE: reject: MAIL from mx1-phx2.redhat.com[209.132.183.26]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<mx1-phx2.redhat.com>
        1   Aug 14 00:20:26 linode01 postfix/smtpd[16067]: NOQUEUE: reject: MAIL from unknown[192.189.25.238]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<mail.burstono.com>
        1   Aug 14 00:09:15 linode01 postfix/smtpd[15829]: NOQUEUE: reject: MAIL from unknown[23.239.133.190]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<rodriguezandjones.com>
        1   Aug 14 00:03:46 linode01 postfix/smtpd[15574]: NOQUEUE: reject: MAIL from unknown[50.7.60.157]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<6xx1vbowu.mrprivatejets.eu>
        1   Aug 14 00:00:10 linode01 postfix/smtpd[15248]: NOQUEUE: reject: MAIL from unknown[192.189.25.238]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<mail.burstono.com>
        1   Aug 14 00:10:06 linode01 postfix/smtpd[15829]: NOQUEUE: reject: MAIL from unknown[104.237.193.250]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<orangemator.com>
        1   Aug 14 01:24:11 linode01 postfix/smtpd[19461]: NOQUEUE: reject: MAIL from z6f267m.kaltin.review[66.248.196.227]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<z6f267m.kaltin.review>
        1   Aug 14 00:12:59 linode01 postfix/smtpd[16043]: NOQUEUE: reject: MAIL from unknown[199.96.83.67]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<mylokop.info>
        1   Aug 14 00:10:59 linode01 postfix/smtpd[15829]: NOQUEUE: reject: MAIL from unknown[209.148.92.59]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<wadipt.xyz>
        1   Aug 14 00:21:26 linode01 postfix/smtpd[16244]: NOQUEUE: reject: MAIL from unknown[50.7.60.157]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<6xx1vbowu.mrprivatejets.eu>
        1   Aug 14 00:19:19 linode01 postfix/smtpd[16067]: NOQUEUE: reject: MAIL from alterway01.ovirt.org[89.31.150.215]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<jenkins.ovirt.org>
        1   Aug 14 01:08:51 linode01 postfix/smtpd[18583]: NOQUEUE: reject: MAIL from unknown[27.20.194.43]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<wxg.net>
        1   Aug 14 00:00:06 linode01 postfix/smtpd[15248]: NOQUEUE: reject: MAIL from unknown[192.189.25.238]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<mail.burstono.com>
        1   Aug 14 04:10:55 linode01 postfix/smtp[12987]: SSL_connect error to 126mx02.mxmail.netease.com[220.181.14.134]:25: -1
        1   Aug 14 00:10:24 linode01 postfix/smtpd[15829]: NOQUEUE: reject: MAIL from unknown[1.196.205.19]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<rjaad.org>
        1   Aug 14 00:18:44 linode01 postfix/smtpd[16067]: NOQUEUE: reject: MAIL from smtp2189.rspmail-apn2.com[43.243.165.189]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<smtp2189.rspmail-apn2.com>
        1   Aug 14 00:14:58 linode01 postfix/smtpd[16067]: NOQUEUE: reject: MAIL from ns4.unud.ac.id[180.250.210.23]: 452 4.3.1 Insufficient system storage; proto=SMTP helo=<ns4.unud.ac.id>
        1   Aug 14 00:20:30 linode01 postfix/smtpd[16067]: NOQUEUE: reject: MAIL from unknown[192.189.25.238]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<mail.burstono.com>
        1   Aug 14 01:50:10 linode01 postfix/smtpd[20375]: NOQUEUE: reject: MAIL from unknown[162.213.152.24]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<mail.potentil.xyz>
        1   Aug 14 01:52:52 linode01 postfix/smtpd[20375]: NOQUEUE: reject: MAIL from unknown[122.190.88.48]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<wdxcv.com>
        1   Aug 14 04:10:55 linode01 postfix/smtp[12987]: AF8F6C30D: Cannot start TLS: handshake failure
        1   Aug 14 00:10:23 linode01 postfix/smtpd[15829]: NOQUEUE: reject: MAIL from unknown[1.196.205.19]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<xrpxz.com>
        1   Aug 14 01:18:47 linode01 postfix/smtpd[19040]: NOQUEUE: reject: MAIL from hotfatcrushersystem.work[66.248.200.184]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<hotfatcrushersystem.work>
        1   Aug 14 00:22:29 linode01 postfix/smtpd[16244]: NOQUEUE: reject: MAIL from unknown[209.148.92.59]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<wadipt.xyz>
        1   Aug 14 00:15:46 linode01 postfix/smtpd[16067]: NOQUEUE: reject: MAIL from vdj6kq1w4.kletan.date[31.220.115.142]: 452 4.3.1 Insufficient system storage; proto=ESMTP helo=<vdj6kq1w4.kletan.date>
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 Users logging in through sshd:
    amarchuk:
       213.175.37.10 (nat-pool-brq-t.redhat.com): 3 times
    dcaro:
       83.46.170.198 (198.Red-83-46-170.dynamicIP.rima-tde.net): 1 time
    jenkins:
       89.31.150.215 (alterway01.ovirt.org): 5 times
    mirror:
       192.87.102.41: 13 times
       193.84.206.135 (mirror.slu.cz): 6 times
       129.21.171.98 (kirby.main.ad.rit.edu): 3 times
       128.61.111.12 (zaphod.gtlib.gatech.edu): 1 time
       130.89.149.129 (vlaai.snt.utwente.nl): 1 time
       152.3.102.53 (archive.linux.duke.edu): 1 time
    rsync:
       209.132.186.36 (nat-pool-tlv-t.redhat.com): 1 time
    sbonazzo:
       79.30.253.10 (host10-253-dynamic.30-79-r.retail.telecomitalia.it): 16 times
 
 
 Received disconnect:
    11:  : 45 Time(s)
    11: Bye Bye : 282 Time(s)
    11: disconnected by user : 42 Time(s)
 
 SFTP subsystem requests: 6 Time(s)
 
 **Unmatched Entries**
 Address 191.102.74.13 maps to azteca-comunicaciones.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s)
 reverse mapping checking getaddrinfo for 82-222.static.madnet.rs [178.22.222.82] failed - POSSIBLE BREAK-IN ATTEMPT! : 2 time(s)
 reverse mapping checking getaddrinfo for 136.83.247.60.static.bjtelecom.net [60.247.83.136] failed - POSSIBLE BREAK-IN ATTEMPT! : 16 time(s)
 reverse mapping checking getaddrinfo for 217.30.65.218.broad.xy.jx.dynamic.163data.com.cn [218.65.30.217] failed - POSSIBLE BREAK-IN ATTEMPT! : 3 time(s)
 Protocol major versions differ for 212.83.149.212: SSH-2.0-OpenSSH_5.3 vs. SSH-1.5-NmapNSE_1.0 : 1 time(s)
 reverse mapping checking getaddrinfo for 23.30.65.218.broad.xy.jx.dynamic.163data.com.cn [218.65.30.23] failed - POSSIBLE BREAK-IN ATTEMPT! : 2 time(s)
 reverse mapping checking getaddrinfo for 181.248.37.191.neorede.com.br [191.37.248.181] failed - POSSIBLE BREAK-IN ATTEMPT! : 2 time(s)
 reverse mapping checking getaddrinfo for 61.30.65.218.broad.xy.jx.dynamic.163data.com.cn [218.65.30.61] failed - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s)
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- Sudo (secure-log) Begin ------------------------ 

 
 ==============================================================================
 
 amarchuk => root
 ----------------
 /bin/cp - 1 Times.
 /bin/mv - 2 Times.
 /bin/rm - 1 Times.
 /usr/bin/vim - 2 Times.
 /usr/sbin/apachectl - 2 Times.
 
 ==============================================================================
 
 dcaro => root
 -------------
 /bin/bash - 1 Times.
 
 ==============================================================================
 
 nrpe => root
 ------------
 /sbin/service - 272 Times.
 
 ==============================================================================
 
 sbonazzo => root
 ----------------
 /bin/find - 1 Times.
 /bin/su - 11 Times.
 
 ---------------------- Sudo (secure-log) End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem      Size  Used Avail Use% Mounted on
 /dev/xvda        97G   76G   22G  79% /
 
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End ######################### 
