
################### Logwatch 7.3.6 (05/19/07) ####################
       Processing Initiated: Sat Mar 3 03:45:32 2012
       Date Range Processed: yesterday
                             ( 2012-Mar-02 )
                             Period is day.
     Detail Level of Output: 0
             Type of Output: unformatted
          Logfiles for Host: linode01.ovirt.org
##################################################################

--------------------- httpd Begin ------------------------

A total of 1 sites probed the server
   174.142.82.134

A total of 1 possible successful probes were detected (the following URLs
contain strings that match one or more of a listing of strings that
indicate a possible exploit):

   //js.php?module=../../../../../../../../../../../../..//proc/self/environ%0000 HTTP Response 301

Requests with error response codes
   404 Not Found

---------------------- httpd End -------------------------

--------------------- pam_unix Begin ------------------------

sudo:
   Authentication Failures:
      quaid(0) -> quaid: 1 Time(s)

---------------------- pam_unix End -------------------------

--------------------- Postfix Begin ------------------------

       1   *Warning: Pre-queue content-filter connection overload

   4.496M  Bytes accepted                           4,714,703
  92.640M  Bytes delivered                         97,140,368
========   ================================================

     787   Accepted                                    99.49%
       4   Rejected                                     0.51%
--------   ------------------------------------------------
     791   Total                                      100.00%
========   ================================================

       4   Reject unknown user                        100.00%
--------   ------------------------------------------------
       4   Total Rejects                              100.00%
========   ================================================

     422   Connections made
     422   Disconnections
     776   Removed from queue
     203   Delivered
   10933   Sent via SMTP
       5   Forwarded

      18   Deferred
     222   Deferrals
       2   Bounce (local)
      24   Bounce (remote)
      26   DSNs undeliverable

     265   Connection failure (outbound)
       1   Timeout (inbound)
       4   Hostname verification errors
     124   Enabled PIX workaround

---------------------- Postfix End -------------------------

--------------------- SSHD Begin ------------------------

Users logging in through sshd:
   gerrit-backup:
      107.22.212.69 (gerrit.ovirt.org): 3 times
   quaid:
      50.0.66.28 (50-0-66-28.dsl.dynamic.fusionbroadband.com): 2 times

Received disconnect:
   11: Bye Bye : 1679 Time(s)
   11: disconnected by user : 4 Time(s)

**Unmatched Entries**
Address 112.140.185.84 maps to server.ppcindo.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s)
Address 212.124.115.10 maps to 10.lastcallopps.com, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 632 time(s)

---------------------- SSHD End -------------------------

--------------------- Sudo (secure-log) Begin ------------------------

==============================================================================

quaid => root
-------------
/bin/bash - 1 Times.

---------------------- Sudo (secure-log) End -------------------------

--------------------- Disk Space Begin ------------------------

Filesystem            Size  Used Avail Use% Mounted on
/dev/xvda             9.9G  8.2G  1.6G  85% /

---------------------- Disk Space End -------------------------

###################### Logwatch End #########################