2:39 a.m.
################### Logwatch 7.3.6 (05/19/07) ####################
Processing Initiated: Tue Oct 16 03:39:42 2012
Date Range Processed: yesterday
( 2012-Oct-15 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host: linode01.ovirt.org
##################################################################
--------------------- httpd Begin ------------------------
A total of 3 sites probed the server
89.216.30.165
91.121.115.109
94.89.221.100
A total of 4 possible successful probes were detected (the following URLs
contain strings that match one or more of a listing of strings that
indicate a possible exploit):
/?option=com_mailto&controller=../../../../../../../../../../../../../../../proc/self/environ%00
HTTP Response 200
//index.php?option=com_mailto&controller=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000
HTTP Response 301
//index.php?option=com_mailto&controller=../../../../../../../../../../../../../../../proc/self/environ%00
HTTP Response 301
/?option=com_mailto&controller=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000
HTTP Response 200
Requests with error response codes
400 Bad Request
/wp-login.php?action=register: 2 Time(s)
404 Not Found
/%2A%2Amailman/listinfo/users: 1 Time(s)
/Talk:Licensing: 1 Time(s)
/User_talk:Quaid/SCALE_10x_presentation: 1 Time(s)
/W/IMAGES/A/A9/OVIRT-3.0-INSTALLATION_GUIDE-EN-US.PDF: 1 Time(s)
/_vti_bin/shtml.exe/_vti_rpc: 4 Time(s)
/_vti_inf.html: 4 Time(s)
/about.html: 1 Time(s)
/admin/categories.php/login.php?cPath=&act ... product_preview: 16 Time(s)
/apple-touch-icon-precomposed.png: 10 Time(s)
/apple-touch-icon.png: 8 Time(s)
/appserv/main.php?appserv_root=http://hady ... mages/id1.txt??: 1 Time(s)
/category/news/favicon.ico: 1 Time(s)
/community: 1 Time(s)
/community-activity: 1 Time(s)
/coraline/: 2 Time(s)
/coraline/style.css: 1 Time(s)
/crossdomain.xml: 1 Time(s)
/docs/Using_the_oVirt_Server_Suite_User_In ... VMResources.png: 2 Time(s)
/docs/Using_the_oVirt_Server_Suite_User_In ... ges/vmp-tab.png: 1 Time(s)
/favicon.gif: 1 Time(s)
/favicon.ico: 1211 Time(s)
/features: 1 Time(s)
/features/Gluster: 1 Time(s)
/guides/introduction/introduction-to-the-pom.html: 1 Time(s)
/index.html: 9 Time(s)
/labels.rdf: 1 Time(s)
/licensing: 1 Time(s)
/notified-NotifyUser2?aHR0cDovL3d3dy5vdmly ... WJwcm9qZWN0cy8=: 1 Time(s)
/notify-Notifiy-category-none?aHR0cDovL3dp ... GVhc2Vfbm90ZXM=: 1 Time(s)
/page/Dashboard_UX: 2 Time(s)
/page/FAQ: 1 Time(s)
/page/Image:Details-sample.png: 1 Time(s)
/page/MediaWiki:Ipb_expiry_invalid/: 4 Time(s)
/page/Special:Recentchangeslinked/Image:Ov ... gical-webui.png: 1 Time(s)
/pipermail//appserv/main.php?appserv_root= ... mages/id1.txt??: 1 Time(s)
/pipermail/commits: 1 Time(s)
/pipermail/gerrit: 1 Time(s)
/pipermail/infra//appserv/main.php?appserv ... mages/id1.txt??: 1 Time(s)
/pipermail/infra/2012-February//appserv/ma ... mages/id1.txt??: 1 Time(s)
/pipermail/infra/2012-February/000224.html ... mages/id1.txt??: 1 Time(s)
/pipermail/infra/2012-March//admin/categor ... product_preview: 16 Time(s)
/pipermail/infra/2012-March/000226.html//a ... product_preview: 16 Time(s)
/pipermail/mom-devel: 1 Time(s)
/pipermail/nomad-devel: 1 Time(s)
/pipermail/patches: 1 Time(s)
/pipermail/security: 1 Time(s)
/pipermail/security-private: 1 Time(s)
/pipermail/users//index.php?option=com_mai ... lf/environ%0000: 1 Time(s)
/pipermail/users/2012-April//index.php?opt ... lf/environ%0000: 1 Time(s)
/pipermail/users/2012-April//index.php?opt ... self/environ%00: 1 Time(s)
/pipermail/users/2012-April/001484.html//i ... self/environ%00: 1 Time(s)
/pipermail/users/2012-April/001566.html//i ... self/environ%00: 1 Time(s)
/pipermail/users/2012-April/001782.html//i ... self/environ%00: 1 Time(s)
/pipermail/users/2012-August/url(data:imag ... SUVORK5CYII%3d): 1 Time(s)
/pipermail/users/2012-March//index.php?opt ... self/environ%00: 1 Time(s)
/pipermail/users/2012-March/001221.html//i ... self/environ%00: 1 Time(s)
/pipermail/users/2012-february/000450.html: 1 Time(s)
/pipermail/users/2012-february/000601.html: 1 Time(s)
/pipermail/users/2012-march/001038.html: 1 Time(s)
/quick-tour.html: 2 Time(s)
/rawhide-install-instructions.html: 1 Time(s)
/register: 1 Time(s)
/release/ovit-release-fedora.noarch.rpm: 1 Time(s)
/releases/beta/fedora/16/: 1 Time(s)
/releases/beta/fedora/17/: 3 Time(s)
/releases/beta/fedora/17/repodata/filelists.xml.gz: 24 Time(s)
/releases/beta/fedora/17/repodata/other.xml.gz: 1 Time(s)
/releases/beta/fedora/17/repodata/repomd.xml: 48 Time(s)
/releases/nightly/binary/: 2 Time(s)
/releases/nightly/fedora/: 1 Time(s)
/releases/nightly/fedora/16/: 1 Time(s)
/releases/nightly/fedora/16/ovirt-engine-c ... fc16.noarch.rpm: 1 Time(s)
/releases/nightly/fedora/16/ovirt-engine.repo: 2 Time(s)
/releases/nightly/fedora/16/repodata/repomd.xml: 366 Time(s)
/releases/ovirt-release-centos.noarch.rpm: 3 Time(s)
/releases/ovirt-release-el6.noarch.rpm: 1 Time(s)
/releases/ovit-release-fedora.noarch.rpm: 1 Time(s)
/releases/stable/binary/: 6 Time(s)
/releases/stable/binary/ovirt-node-image-2.2.2-2.2.fc16.iso: 2 Time(s)
/releases/stable/fedora/: 1 Time(s)
/releases/stable/fedora/16//repodata/repomd.xml: 1 Time(s)
/releases/stable/fedora/16/dists/natty/InRelease: 1 Time(s)
/releases/stable/fedora/16/dists/natty/Release: 1 Time(s)
/releases/stable/fedora/16/dists/natty/Release.gpg: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... /Translation-en: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... /Translation-ru: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... 386/Packages.gz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... 386/Packages.xz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... 86/Packages.bz2: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... anslation-en.gz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... anslation-en.xz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... anslation-ru.gz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... anslation-ru.xz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... anslation-ru_RU: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... ation-ru_RU.bz2: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... lation-ru_RU.gz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... lation-ru_RU.xz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... nslation-en.bz2: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... nslation-ru.bz2: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... y-i386/Packages: 1 Time(s)
/releases/stable/fedora/16/dists/natty/main/i18n/Index: 1 Time(s)
/releases/stable/fedora/16/ovirt-engine-jb ... fc16.x86_64.rpm: 1 Time(s)
/releases/stable/fedora/16/repodata/primary.xml.gz: 24 Time(s)
/releases/stable/fedora/16/repodata/repomd.xml: 645 Time(s)
/releases/stable/fedora/17/repodata/repomd.xml: 3 Time(s)
/releases/stable/ovirt-engine.repo: 4 Time(s)
/releases/stable/ovirt-engine.repo%20-O%20 ... virtengine.repo: 1 Time(s)
/releases/stable/rpm/EL/6/repodata/repomd.xml: 5 Time(s)
/releases/stable/rpm/EL/6Server/repodata/repomd.xml: 1 Time(s)
/releases/stable/rpm/EL6/17/repodata/repomd.xml: 1 Time(s)
/releases/stable/rpm/EL6/6.3/repodata/repomd.xml: 2 Time(s)
/releases/stable/rpm/EL6/6/repodata/repomd.xml: 598 Time(s)
/releases/stable/rpm/EL6/6Server/repodata/repomd.xml: 41 Time(s)
/releases/stable/rpm/Fedora/16/repodata/repomd.xml: 36 Time(s)
/releases/stable/src/ovirt-engine-3.0.0_0001.tar.gz: 1 Time(s)
/releases/stable/tools/ovirt-node-iso-2.5.1-1.0.fc17.iso: 1 Time(s)
/repos/ovirt/10/x86_64/repodata/repomd.xml: 24 Time(s)
/repos/ovirt/11/x86_64/livecd-tools-024-1o ... fc11.x86_64.rpm: 1 Time(s)
/repos/ovirt/15/i386/repodata/repomd.xml: 2 Time(s)
/repos/ovirt/15/x86_64/repodata/repomd.xml: 2 Time(s)
/repos/ovirt/ARCHIVE: 1 Time(s)
/robots.txt: 83 Time(s)
/screenshots.html: 4 Time(s)
/screenshots/AddStorageView.png: 1 Time(s)
/screenshots/UserChangeRole.png: 1 Time(s)
/screenshots/ViewHosts.png: 1 Time(s)
/screenshots/ViewVMPool.png: 1 Time(s)
/screenshots/ViewVMResources.png: 1 Time(s)
/screenshots/oVirtInterface.png: 1 Time(s)
/screenshots/ss-library.png: 1 Time(s)
/signup.php: 2 Time(s)
/snapshot/repo1.maven.org/maven2/org.mortbay.jetty/servlet: 1 Time(s)
/styles/diagram4.png: 3 Time(s)
/styles/favicon.ico: 1 Time(s)
/verify-NotifyUser2?aHR0cDovL3d3dy5vdmlydC ... WJwcm9qZWN0cy8=: 1 Time(s)
/w/images/a/a9/ovirt-3.0-installation_guide-en-us.pdf: 1 Time(s)
/w/index.php?title=-&action=raw&ge ... onobook&270: 39
Time(s)
/w/index.php?title=-&action=raw&ma ... 000&gen=css: 34
Time(s)
/wiki/Build_and_install_engine_rpm: 1 Time(s)
/wiki/Building_Ovit_Engine: 2 Time(s)
/wiki/Category:Sla: 2 Time(s)
/wiki/Category_talk:Infrastructure_documentation: 1 Time(s)
/wiki/Category_talk:Orphaned_Images: 1 Time(s)
/wiki/Developer: 2 Time(s)
/wiki/Features/.php: 1 Time(s)
/wiki/Features/NFSv4): 7 Time(s)
/wiki/Features/Quota-3.2: 2 Time(s)
/wiki/Features/remotedb: 1 Time(s)
/wiki/Help_talk:Contents: 1 Time(s)
/wiki/Image_Repository: 4 Time(s)
/wiki/Index.php: 2 Time(s)
/wiki/OVirt_Administration_Guide: 5 Time(s)
/wiki/OVirt_Evaluation_Guide: 2 Time(s)
/wiki/OVirt_Installation_Guide: 5 Time(s)
/wiki/Ovirt_3.0_feature_guide: 1 Time(s)
/wiki/Register.php: 2 Time(s)
/wiki/SLA-mom: 2 Time(s)
/wiki/Sla-mom: 2 Time(s)
/wiki/Talk:Architecture: 1 Time(s)
/wiki/Talk:DevelopersAllInOne: 1 Time(s)
/wiki/Talk:Features/Intial_Run_Vm_tab: 1 Time(s)
/wiki/Talk:Features/User_Portal_Permissions: 1 Time(s)
/wiki/Talk:Infrastructure_team_meetings: 1 Time(s)
/wiki/Talk:Intial_Run_Vm_tab: 1 Time(s)
/wiki/Talk:Licensing: 1 Time(s)
/wiki/Talk:Node: 1 Time(s)
/wiki/Talk:OVirt_3.0_Release_Notes: 1 Time(s)
/wiki/Talk:OVirt_3.1_release_notes: 3 Time(s)
/wiki/Talk:OVirt_home_in_Chinese: 1 Time(s)
/wiki/Talk:Options_for_RSS_feed_bundling: 1 Time(s)
/wiki/Talk:Quick_Start_Guide: 1 Time(s)
/wiki/Talk:Quickstart_guide_to_setting_up_ ... ng_oVirt_system: 1 Time(s)
/wiki/Talk:Release_process: 1 Time(s)
/wiki/Talk:User-level-query-column-filtering: 1 Time(s)
/wiki/Talk:Yum_repo_file: 1 Time(s)
/wiki/Testing/OvirtTestDay3.0: 2 Time(s)
/wiki/Troubleshooting_NFS_Storage_Issues.: 2 Time(s)
/wiki/Undefined: 2 Time(s)
/wiki/User:157.56.95.143: 1 Time(s)
/wiki/User:Hateya: 2 Time(s)
/wiki/User:Rgolan: 1 Time(s)
/wiki/User_talk:157.56.95.143: 1 Time(s)
/wiki/User_talk:Hateya: 2 Time(s)
/wiki/User_talk:Jumper45: 1 Time(s)
/wiki/User_talk:Quaid/SCALE_10x_presentation: 1 Time(s)
/wiki/User_talk:Vszocs: 1 Time(s)
/wiki/Working_with_ovirt-gerrit: 1 Time(s)
/wiki/index.php?title=Special:UserLogin&type=signup: 32 Time(s)
/wiki/oVirtWiki:General_disclaimer: 1 Time(s)
/wiki/oVirtWiki:Privacy_policy: 2 Time(s)
/wiki/oVirtWiki:Users: 1 Time(s)
/wiki/wikka.php?wakka=UserSettings: 1 Time(s)
/wp-content/themes/coraline-ovirt/images/wordpress.png: 18 Time(s)
http://37.28.156.211/sprawdza.php: 1 Time(s)
http://wiki.ovirt.org/wiki/index.php?title ... gin&type=signup: 1 Time(s)
405 Method Not Allowed
/wp-content/uploads/2011/: 2 Time(s)
/wp-content/uploads/2011/09/: 9 Time(s)
/wp-content/uploads/2011/09/ibm-logo1.png: 4 Time(s)
/wp-content/uploads/2011/09/ovirt.png: 3 Time(s)
416 Request Range Not Satisfiable
/releases/nightly/rpm/Fedora/17/repodata/other.xml.gz: 1 Time(s)
/releases/stable/rpm/Fedora/17/repodata/filelists.xml.gz: 2 Time(s)
500 Internal Server Error
/wp-content/themes/coraline-ovirt/: 2 Time(s)
/wp-content/themes/coraline/: 2 Time(s)
---------------------- httpd End -------------------------
--------------------- pam_unix Begin ------------------------
su:
Sessions Opened:
root -> root: 1 Time(s)
sudo:
Unknown Entries:
auth could not identify password for [mburns]: 1 Time(s)
conversation failed: 1 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
1 *Warning: Pre-queue content-filter connection overload
3 Miscellaneous warnings
101.762M Bytes accepted 106,705,316
3.230G Bytes delivered 3,467,968,163
======== ================================================
1632 Accepted 99.82%
3 Rejected 0.18%
-------- ------------------------------------------------
1635 Total 100.00%
======== ================================================
3 Reject unknown user 100.00%
-------- ------------------------------------------------
3 Total Rejects 100.00%
======== ================================================
895 Connections made
895 Disconnections
1593 Removed from queue
476 Delivered
24344 Sent via SMTP
4 Forwarded
89 Deferred
1042 Deferrals
1 Bounce (local)
13 Bounce (remote)
2 Expired and returned to sender
1 DSNs delivered
15 DSNs undeliverable
1192 Connection failure (outbound)
5 Timeout (inbound)
2 Hostname verification errors
334 Enabled PIX workaround
---------------------- Postfix End -------------------------
--------------------- SSHD Begin ------------------------
Users logging in through sshd:
gerrit-backup:
107.22.212.69 (gerrit.ovirt.org): 3 times
jenkins:
107.22.215.130 (ec2-107-22-215-130.compute-1.amazonaws.com): 1 time
mburns:
24.63.186.29 (c-24-63-186-29.hsd1.vt.comcast.net): 6 times
quaid:
50.1.51.127 (50-1-51-127.dsl.dynamic.fusionbroadband.com): 1 time
Received disconnect:
11: Bye Bye : 521 Time(s)
11: disconnected by user : 8 Time(s)
SFTP subsystem requests: 1 Time(s)
**Unmatched Entries**
reverse mapping checking getaddrinfo for hosted.by.serveo.nl [91.218.124.51] failed -
POSSIBLE BREAK-IN ATTEMPT! : 1 time(s)
reverse mapping checking getaddrinfo for
138.125.116.112.broad.km.yn.dynamic.163data.com.cn [112.116.125.138] failed - POSSIBLE
BREAK-IN ATTEMPT! : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- Sudo (secure-log) Begin ------------------------
==============================================================================
mburns => root
--------------
/bin/mv - 6 Times.
/bin/rm - 1 Times.
/bin/su - 1 Times.
/usr/bin/createrepo - 1 Times.
**Unmatched Entries**
pam_unix(sudo:auth): auth could not identify password for [mburns]: 1 Time(s)
pam_unix(sudo:auth): conversation failed: 1 Time(s)
---------------------- Sudo (secure-log) End -------------------------
--------------------- XNTPD Begin ------------------------
Total synchronizations 4 (hosts: 2)
---------------------- XNTPD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/xvda 25G 23G 1.9G 93% /
/dev/xvda => 93% Used. Warning. Disk Filling up.
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################