################### Logwatch 7.3.6 (05/19/07) ####################
Processing Initiated: Mon Aug 6 03:46:39 2012
Date Range Processed: yesterday
( 2012-Aug-05 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host:
linode01.ovirt.org
##################################################################
--------------------- httpd Begin ------------------------
A total of 2 sites probed the server
178.33.237.22
188.132.239.233
A total of 4 possible successful probes were detected (the following URLs
contain strings that match one or more of a listing of strings that
indicate a possible exploit):
//index.php?option=com_mailto&controller=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000
HTTP Response 301
/?option=com_mailto&controller=../../../../../../../../../../../../../../../proc/self/environ%00
HTTP Response 200
//index.php?option=com_mailto&controller=../../../../../../../../../../../../../../../proc/self/environ%00
HTTP Response 301
/?option=com_mailto&controller=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000
HTTP Response 200
Requests with error response codes
403 Forbidden
/wp-content/uploads/: 1 Time(s)
/wp-content/uploads/2012/: 1 Time(s)
404 Not Found
/Category_talk:Node: 1 Time(s)
/Jenkins: 1 Time(s)
/Talk:Node_Backlog: 1 Time(s)
/Talk:Node_PXE: 1 Time(s)
/Talk:Node_Testing: 1 Time(s)
/Talk:Ovirt_build_on_debian/ubuntu: 1 Time(s)
/Talk:Workshop_November_2011_-_Day_Two: 2 Time(s)
/about.html: 1 Time(s)
/admin/categories.php/login.php?cPath=&act ... product_preview: 22 Time(s)
/admin/sqlpatch.php/password_forgotten.php?action=execute: 4 Time(s)
/administrator/: 1 Time(s)
/administrator/index.php: 1 Time(s)
/apple-touch-icon-precomposed.png: 7 Time(s)
/apple-touch-icon.png: 5 Time(s)
/board: 1 Time(s)
/community: 1 Time(s)
/community-activity: 1 Time(s)
/contribute.html: 1 Time(s)
/crossdomain.xml: 1 Time(s)
/docs/Using_the_oVirt_Server_Suite_User_In ... naging-VMs.html: 1 Time(s)
/docs/Using_the_oVirt_Server_Suite_User_Interface/: 1 Time(s)
/documentation.html: 1 Time(s)
/download.html: 1 Time(s)
/favicon.ico: 630 Time(s)
/index.html: 5 Time(s)
/install-instructions.html: 1 Time(s)
/labels.rdf: 1 Time(s)
/licensing: 1 Time(s)
/listinfo/board: 1 Time(s)
/mailinglist.html: 1 Time(s)
/news.html: 1 Time(s)
/page/Dashboard_UX: 1 Time(s)
/page/Redesigned_Network_Configuration: 1 Time(s)
/page/Special:Whatlinkshere/Installation: 1 Time(s)
/page/User:Gcrazyg/: 1 Time(s)
/pipermail/arch/2012-March/000385.html%3E: 1 Time(s)
/pipermail/commits: 1 Time(s)
/pipermail/infra/2012-March//admin/categor ... product_preview: 12 Time(s)
/pipermail/infra/2012-March/000226.html//a ... product_preview: 12 Time(s)
/pipermail/infra/2012-March/admin/sqlpatch ... ?action=execute: 4 Time(s)
/pipermail/infra/admin/sqlpatch.php/passwo ... ?action=execute: 4 Time(s)
/pipermail/mom-devel: 1 Time(s)
/pipermail/nomad-devel: 1 Time(s)
/pipermail/patches: 1 Time(s)
/pipermail/users//index.php?option=com_mai ... lf/environ%0000: 1 Time(s)
/pipermail/users/2011-october/000006.html: 1 Time(s)
/pipermail/users/2012-April//index.php?opt ... lf/environ%0000: 1 Time(s)
/pipermail/users/2012-April//index.php?opt ... self/environ%00: 1 Time(s)
/pipermail/users/2012-April/001474.html//i ... self/environ%00: 1 Time(s)
/pipermail/users/2012-April/001539.html//i ... self/environ%00: 1 Time(s)
/pipermail/users/2012-April/001782.html//i ... self/environ%00: 1 Time(s)
/releases/3.0/rpm/Fedora/17/ovirt-engine.repo: 1 Time(s)
/releases/beta/fedora/$releasever: 1 Time(s)
/releases/nightly/RHEL/6/repodata/?C=D;O=A: 1 Time(s)
/releases/nightly/RHEL/6/repodata/filelists.xml.gz: 1 Time(s)
/releases/nightly/RHEL/6/repodata/repomd.xml: 5 Time(s)
/releases/nightly/RHEL/?C=M;O=D: 1 Time(s)
/releases/nightly/binary/: 1 Time(s)
/releases/nightly/fedora/16/: 1 Time(s)
/releases/nightly/fedora/16/md5sum: 2 Time(s)
/releases/nightly/fedora/16/ovirt-engine-c ... c16.noarch.rpm2: 1 Time(s)
/releases/nightly/fedora/16/ovirt-engine.repo: 2 Time(s)
/releases/nightly/fedora/16/repodata/repomd.xml: 465 Time(s)
/releases/nightly/fedora/17/repodata/repomd.xml: 3 Time(s)
/releases/nightly/fedora/18/repodata/repomd.xml: 1 Time(s)
/releases/stable/binary/: 33 Time(s)
/releases/stable/binary/md5sum: 1 Time(s)
/releases/stable/fedora/: 3 Time(s)
/releases/stable/fedora/16/: 4 Time(s)
/releases/stable/fedora/16//repodata/repomd.xml: 2 Time(s)
/releases/stable/fedora/16/dists/natty/InRelease: 1 Time(s)
/releases/stable/fedora/16/dists/natty/Release: 1 Time(s)
/releases/stable/fedora/16/dists/natty/Release.gpg: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... /Translation-en: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... /Translation-ru: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... 386/Packages.gz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... 386/Packages.xz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... 86/Packages.bz2: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... anslation-en.gz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... anslation-en.xz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... anslation-ru.gz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... anslation-ru.xz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... anslation-ru_RU: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... ation-ru_RU.bz2: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... lation-ru_RU.gz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... lation-ru_RU.xz: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... nslation-en.bz2: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... nslation-ru.bz2: 1 Time(s)
/releases/stable/fedora/16/dists/natty/mai ... y-i386/Packages: 1 Time(s)
/releases/stable/fedora/16/dists/natty/main/i18n/Index: 1 Time(s)
/releases/stable/fedora/16/ovirt-engine-sd ... fc16.noarch.rpm: 1 Time(s)
/releases/stable/fedora/16/ovirt-engine.repo: 5 Time(s)
/releases/stable/fedora/16/ovirt-node-tool ... fc16.noarch.rpm: 1 Time(s)
/releases/stable/fedora/16/repodata/filelists.xml.gz: 1 Time(s)
/releases/stable/fedora/16/repodata/primary.xml.gz: 72 Time(s)
/releases/stable/fedora/16/repodata/repomd.xml: 1530 Time(s)
/releases/stable/fedora/17/: 1 Time(s)
/releases/stable/fedora/17/repodata/repomd.xml: 5 Time(s)
/releases/stable/fedora/?C=N;O=D: 1 Time(s)
/releases/stable/ovirt-engine.repo: 2 Time(s)
/releases/stable/src/ovirt-engine-3.0.0_0001.tar.gz: 3 Time(s)
/releases/stable/src/ovirt-node-2.3.0.tar.gz: 1 Time(s)
/repos/ovirt/10/x86_64/repodata/repomd.xml: 25 Time(s)
/repos/ovirt/11/x86_64/livecd-tools-024-1o ... fc11.x86_64.rpm: 1 Time(s)
/repos/ovirt/15/i386/repodata/repomd.xml: 2 Time(s)
/repos/ovirt/15/x86_64/repodata/repomd.xml: 2 Time(s)
/repos/ovirt/basearch/: 1 Time(s)
/robots.txt: 40 Time(s)
/scmrepo.html: 2 Time(s)
/screenshots.html: 1 Time(s)
/screenshots/AddStorageView.png: 3 Time(s)
/screenshots/UserChangeRole.png: 3 Time(s)
/screenshots/ViewHosts.png: 3 Time(s)
/screenshots/ViewVMPool.png: 5 Time(s)
/screenshots/ViewVMResources.png: 3 Time(s)
/screenshots/oVirtInterface.png: 2 Time(s)
/styles/diagram4.png: 4 Time(s)
/w/%22/w/index.php?title=Features/Design/D ... ;redirect=no%22: 1 Time(s)
/w/%22/w/index.php?title=User:Rickyh&a ... mp;redlink=1%22: 1 Time(s)
/w/%22/wiki/Features/Design/DetailedHotPlugNic%22: 1 Time(s)
/w/images/b/b0/Fosdem20: 1 Time(s)
/w/index.php?title='Features/PicketlinkInt ... ion&oldid='2863: 1
Time(s)
/w/index.php?title=-&action=raw&ge ... onobook&270: 3
Time(s)
/w/index.php?title=-&action=raw&ma ... 000&gen=css: 3
Time(s)
/wiki/Category:Foobar_QA: 1 Time(s)
/wiki/Category:ProjectName: 1 Time(s)
/wiki/Category:Wiki_policy: 1 Time(s)
/wiki/Category_talk:Collateral: 1 Time(s)
/wiki/Category_talk:How_to: 1 Time(s)
/wiki/Category_talk:Marketing: 1 Time(s)
/wiki/Category_talk:Node: 1 Time(s)
/wiki/Category_talk:Project_wiki_template: 1 Time(s)
/wiki/Category_talk:Workshop_Mar_2012: 1 Time(s)
/wiki/Co-located: 1 Time(s)
/wiki/Design_for_mu: 1 Time(s)
/wiki/How_to_edit_the_wiki: 2 Time(s)
/wiki/Index.php: 2 Time(s)
/wiki/Session_name_-_oVirt_workshop_November_2011: 1 Time(s)
/wiki/Talk:Building_Ovirt_Engine/IDE: 1 Time(s)
/wiki/Talk:Documentation: 2 Time(s)
/wiki/Talk:Engine_Core_-_oVirt_workshop_November_2011: 1 Time(s)
/wiki/Talk:Features/DetailedQuota: 1 Time(s)
/wiki/Talk:Features/MultipleStorageDomains: 1 Time(s)
/wiki/Talk:Features/User_Portal_Permissions: 1 Time(s)
/wiki/Talk:Gap_analysis: 1 Time(s)
/wiki/Talk:Guest_Agent_Login_Windows: 1 Time(s)
/wiki/Talk:Main_Page: 1 Time(s)
/wiki/Talk:Node_Backlog: 1 Time(s)
/wiki/Talk:Node_PXE: 1 Time(s)
/wiki/Talk:Node_Testing: 1 Time(s)
/wiki/Talk:OVirt_3.1_release_notes: 1 Time(s)
/wiki/Talk:OVirt_Global_Workshops: 1 Time(s)
/wiki/Talk:Ovirt_build_on_debian/ubuntu: 1 Time(s)
/wiki/Talk:Project_Proposal_-_MOM: 1 Time(s)
/wiki/Talk:Quantum_and_oVirt: 1 Time(s)
/wiki/Talk:SANLock: 1 Time(s)
/wiki/Talk:Videos: 1 Time(s)
/wiki/Talk:Virt-to-date: 1 Time(s)
/wiki/Talk:Workshop_November_2011_-_Day_Two: 2 Time(s)
/wiki/Talk:Yum_repo_file: 1 Time(s)
/wiki/Template:Autolang: 1 Time(s)
/wiki/Undefined: 2 Time(s)
/wiki/User:180.76.5.103: 1 Time(s)
/wiki/User:180.76.5.142: 1 Time(s)
/wiki/User:180.76.5.148: 1 Time(s)
/wiki/User:180.76.5.150: 1 Time(s)
/wiki/User:180.76.5.151: 1 Time(s)
/wiki/User:180.76.5.154: 1 Time(s)
/wiki/User:180.76.5.155: 1 Time(s)
/wiki/User:180.76.5.163: 1 Time(s)
/wiki/User:180.76.5.188: 1 Time(s)
/wiki/User:180.76.5.57: 1 Time(s)
/wiki/User:180.76.5.65: 1 Time(s)
/wiki/User:180.76.6.21: 1 Time(s)
/wiki/User:85.17.29.107: 1 Time(s)
/wiki/User:Dougsland: 1 Time(s)
/wiki/User:Eyal: 1 Time(s)
/wiki/User:Iheim: 1 Time(s)
/wiki/User:Jhernand: 1 Time(s)
/wiki/User:Mgoldboi: 1 Time(s)
/wiki/User:Nkesick: 1 Time(s)
/wiki/User_talk:180.76.5.148: 1 Time(s)
/wiki/User_talk:180.76.5.151: 1 Time(s)
/wiki/User_talk:180.76.5.155: 1 Time(s)
/wiki/User_talk:180.76.5.165: 1 Time(s)
/wiki/User_talk:180.76.5.180: 1 Time(s)
/wiki/User_talk:180.76.5.91: 1 Time(s)
/wiki/User_talk:180.76.5.99: 1 Time(s)
/wiki/User_talk:66.187.237.10: 2 Time(s)
/wiki/User_talk:85.17.29.107: 1 Time(s)
/wiki/User_talk:91.205.96.19: 1 Time(s)
/wiki/User_talk:DNeary: 1 Time(s)
/wiki/User_talk:Dougsland: 1 Time(s)
/wiki/User_talk:Iheim: 1 Time(s)
/wiki/User_talk:Mgoldboi: 1 Time(s)
/wiki/User_talk:Nkesick: 1 Time(s)
/wiki/User_talk:Quaid: 1 Time(s)
/wiki/index.php?title=Special:UserLogin&type=signup: 29 Time(s)
/wiki/oVirtWiki:About: 3 Time(s)
/wiki/oVirtWiki:Privacy_policy: 4 Time(s)
/wiki/oVirtWiki:Users: 1 Time(s)
/wiki/wikka.php?wakka=UserSettings: 10 Time(s)
/wp-content/themes/coraline-ovirt/images/wordpress.png: 4 Time(s)
http://59.53.91.9/proxy/judge.php: 2 Time(s)
http://www.ovirt.org/releases/nightly/fedo ... data/repomd.xml: 2 Time(s)
http://www.piggmail.com/proxyheader.php: 1 Time(s)
http://www.travelimgusa.com/ip.php: 1 Time(s)
http://www.verysurf.com/proxyheader.php: 1 Time(s)
500 Internal Server Error
/w/index.php?diff=cur&oldid=2721: 1 Time(s)
---------------------- httpd End -------------------------
--------------------- Postfix Begin ------------------------
6 Miscellaneous warnings
4.705M Bytes accepted 4,933,484
74.339M Bytes delivered 77,950,167
======== ================================================
947 Accepted 100.00%
-------- ------------------------------------------------
947 Total 100.00%
======== ================================================
498 Connections made
1 Connections lost
497 Disconnections
939 Removed from queue
267 Delivered
16078 Sent via SMTP
4 Forwarded
15 Deferred
225 Deferrals
4 Bounce (remote)
2 Expired and returned to sender
6 DSNs undeliverable
234 Connection failure (outbound)
3 Hostname verification errors
200 Enabled PIX workaround
---------------------- Postfix End -------------------------
--------------------- SSHD Begin ------------------------
Users logging in through sshd:
gerrit-backup:
107.22.212.69 (
gerrit.ovirt.org): 3 times
jenkins:
107.22.215.130 (
ec2-107-22-215-130.compute-1.amazonaws.com): 1 time
Received disconnect:
11: Bye Bye : 923 Time(s)
11: disconnected by user : 3 Time(s)
SFTP subsystem requests: 1 Time(s)
**Unmatched Entries**
Address 8.27.107.11 maps to
getcelerity.com, but this does not map back to the address -
POSSIBLE BREAK-IN ATTEMPT! : 8 time(s)
---------------------- SSHD End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/xvda 25G 13G 12G 54% /
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################