################### Logwatch 7.3.6 (05/19/07) #################### Processing Initiated: Tue Oct 9 03:36:29 2012 Date Range Processed: yesterday ( 2012-Oct-08 ) Period is day. Detail Level of Output: 0 Type of Output: unformatted Logfiles for Host: linode01.ovirt.org ################################################################## --------------------- httpd Begin ------------------------ A total of 3 sites probed the server 85.17.131.62 89.216.30.165 91.215.216.21 A total of 4 possible successful probes were detected (the following URLs contain strings that match one or more of a listing of strings that indicate a possible exploit): /?option=com_mailto&controller=../../../../../../../../../../../../../../../proc/self/environ%00 HTTP Response 200 //index.php?option=com_mailto&controller=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000 HTTP Response 301 //index.php?option=com_mailto&controller=../../../../../../../../../../../../../../../proc/self/environ%00 HTTP Response 301 /?option=com_mailto&controller=../../../../../../../../../../../../../../../../../../../../../../../../proc/self/environ%0000 HTTP Response 200 Requests with error response codes 404 Not Found /%2A%2Amailman/listinfo/users: 1 Time(s) /&ei=X49yUPn-KoaYmQWd9YGgBQ&usg=AFQjCNGJQq ... hvu5PqA&cad=rjt: 1 Time(s) //wiki.ovirt.org/wiki/Talk:Features/Serial ... Detailed_Design: 1 Time(s) //wiki.ovirt.org/wiki/Talk:Index.php: 1 Time(s) //wiki.ovirt.org/wiki/Talk:Troubleshooting ... _Storage_Issues: 1 Time(s) /Category_talk:Node: 1 Time(s) /Talk:Engine_Adding_Messages: 2 Time(s) /Talk:Features/Design/StableDeviceAddresses: 1 Time(s) /Talk:Features/Gluster_Support: 1 Time(s) /Talk:Features/UIPlugins: 2 Time(s) /Talk:Main_Page: 6 Time(s) /Talk:Www.ovirt.org-Configuration: 1 Time(s) /about.html: 1 Time(s) /admin/banner_manager.php/login.php: 4 Time(s) /admin/categories.php/login.php: 3 Time(s) /admin/categories.php/login.php?cPath=&act ... product_preview: 45 Time(s) /admin/file_manager.php/login.php: 5 Time(s) /apple-touch-icon-precomposed.png: 10 Time(s) /apple-touch-icon.png: 6 Time(s) /docs/Using_the_oVirt_Server_Suite_User_In ... _Pane_Quota.png: 1 Time(s) /docs/oVirt_Server_Suite_Installation_Guid ... PostgreSQL.html: 1 Time(s) /docs/oVirt_Server_Suite_Installation_Guide.pdf: 1 Time(s) /documentation.html: 1 Time(s) /download: 1 Time(s) /download.html: 2 Time(s) /download/: 1 Time(s) /download/ovirt-developer-appliance-0.91-1-x86_64.tar: 1 Time(s) /favicon.gif: 1 Time(s) /favicon.ico: 1098 Time(s) /feature: 2 Time(s) /features: 2 Time(s) /index.html: 8 Time(s) /page/API_CLI: 1 Time(s) /page/Dashboard_UX/: 1 Time(s) /page/FAQ: 1 Time(s) /page/Special:Recentchangeslinked/Image:OV ... uery-jgrowl.png: 1 Time(s) /pipermail/infra/2012-March//admin/categor ... product_preview: 45 Time(s) /pipermail/infra/2012-March/000226.html//a ... product_preview: 45 Time(s) /pipermail/infra/2012-March/000226.html/ad ... r.php/login.php: 9 Time(s) /pipermail/infra/2012-March/000226.html/ad ... s.php/login.php: 3 Time(s) /pipermail/infra/2012-March/admin/banner_m ... r.php/login.php: 4 Time(s) /pipermail/infra/2012-March/admin/categories.php/login.php: 3 Time(s) /pipermail/infra/2012-March/admin/file_manager.php/login.php: 5 Time(s) /pipermail/mom-devel: 1 Time(s) /pipermail/patches: 1 Time(s) /pipermail/user/register: 4 Time(s) /pipermail/users//index.php?option=com_mai ... lf/environ%0000: 4 Time(s) /pipermail/users/2012-April//index.php?opt ... lf/environ%0000: 4 Time(s) /pipermail/users/2012-April//index.php?opt ... self/environ%00: 1 Time(s) /pipermail/users/2012-April/001476.html//i ... self/environ%00: 1 Time(s) /pipermail/users/2012-April/001539.html//i ... self/environ%00: 1 Time(s) /pipermail/users/2012-April/001566.html//i ... self/environ%00: 1 Time(s) /pipermail/users/2012-April/001782.html//i ... self/environ%00: 1 Time(s) /pipermail/users/2012-June/002767.html++++ ... orms+are+found;: 1 Time(s) /pipermail/users/2012-March//index.php?opt ... lf/environ%0000: 1 Time(s) /pipermail/users/2012-March//index.php?opt ... self/environ%00: 1 Time(s) /pipermail/users/2012-March/001221.html//i ... self/environ%00: 1 Time(s) /pipermail/users/2012-May//index.php?optio ... lf/environ%0000: 3 Time(s) /pipermail/users/2012-May//index.php?optio ... self/environ%00: 1 Time(s) /pipermail/users/2012-May/001842.html//ind ... self/environ%00: 1 Time(s) /pipermail/users/2012-september/003780.html: 1 Time(s) /quick-tour.html: 1 Time(s) /releases/3.1/rpm/Fedora/17/ovirt-engine.repo: 1 Time(s) /releases/3.1/rpm/fedora/17/ovirt-engine.repo: 1 Time(s) /releases/beta/fedora/17: 1 Time(s) /releases/beta/fedora/17/: 2 Time(s) /releases/beta/fedora/17/repodata/filelists.xml.gz: 23 Time(s) /releases/beta/fedora/17/repodata/other.xml.gz: 1 Time(s) /releases/beta/fedora/17/repodata/repomd.xml: 58 Time(s) /releases/beta/ovirt-engine.repo: 1 Time(s) /releases/beta/rpm/Fedora/19/ovirt-engine.repo: 1 Time(s) /releases/nightly/17: 1 Time(s) /releases/nightly/Fedora/17/ovirt-engine.repo: 2 Time(s) /releases/nightly/RHEL/6/repodata/repomd.xml: 1 Time(s) /releases/nightly/fedora/16/: 2 Time(s) /releases/nightly/fedora/16/ovirt-engine-s ... fc16.noarch.rpm: 1 Time(s) /releases/nightly/fedora/16/ovirt-engine.repo: 9 Time(s) /releases/nightly/fedora/16/repodata/repomd.xml: 338 Time(s) /releases/nightly/fedora/17/: 2 Time(s) /releases/nightly/fedora/17/ovirt-engine.repo: 1 Time(s) /releases/nightly/fedora/18/repodata/: 1 Time(s) /releases/nightly/rpm/Fedora/17/ovirt-engine.repo: 1 Time(s) /releases/nightly/rpm/Fedora/17/repodata/r ... data/repomd.xml: 5 Time(s) /releases/nightly/tools/ovirt-node-iso-2.5 ... 6d.344.fc17.iso: 1 Time(s) /releases/nightly/tools/ovirt-node-iso-2.5 ... 6d.345.fc17.iso: 1 Time(s) /releases/o: 1 Time(s) /releases/rpm/Fedora/17/repodata/repomd.xml: 1 Time(s) /releases/stable/binary/: 5 Time(s) /releases/stable/fedora: 1 Time(s) /releases/stable/fedora/16/: 2 Time(s) /releases/stable/fedora/16//repodata/repomd.xml: 1 Time(s) /releases/stable/fedora/16/dists/natty/InRelease: 1 Time(s) /releases/stable/fedora/16/dists/natty/Release: 1 Time(s) /releases/stable/fedora/16/dists/natty/Release.gpg: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... /Translation-en: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... /Translation-ru: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... 386/Packages.gz: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... 386/Packages.xz: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... 86/Packages.bz2: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... anslation-en.gz: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... anslation-en.xz: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... anslation-ru.gz: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... anslation-ru.xz: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... anslation-ru_RU: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... ation-ru_RU.bz2: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... lation-ru_RU.gz: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... lation-ru_RU.xz: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... nslation-en.bz2: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... nslation-ru.bz2: 1 Time(s) /releases/stable/fedora/16/dists/natty/mai ... y-i386/Packages: 1 Time(s) /releases/stable/fedora/16/dists/natty/main/i18n/Index: 1 Time(s) /releases/stable/fedora/16/ovirt-engine.repo: 11 Time(s) /releases/stable/fedora/16/repodata/filelists.xml.gz: 1 Time(s) /releases/stable/fedora/16/repodata/primary.xml.gz: 24 Time(s) /releases/stable/fedora/16/repodata/repomd.xml: 707 Time(s) /releases/stable/fedora/16/vdsm-cli-4.9.3. ... fc16.noarch.rpm: 1 Time(s) /releases/stable/fedora/17/ovirt-engine.repo: 1 Time(s) /releases/stable/fedora/17/repodata/repomd.xml: 2 Time(s) /releases/stable/ovirt-engine.repo: 19 Time(s) /releases/stable/ovirt-engine.repo%20-O: 1 Time(s) /releases/stable/ovirt-engine.repo%20-O%20 ... virtengine.repo: 4 Time(s) /releases/stable/ovirt-engine.repo%20-O%20/: 1 Time(s) /releases/stable/rpm/EL/6/repodata/repomd.xml: 5 Time(s) /releases/stable/rpm/EL/6/x86_64/repodata/repomd.xml: 2 Time(s) /releases/stable/rpm/EL6: 1 Time(s) /releases/stable/rpm/EL6/10.1/repodata/repomd.xml: 5 Time(s) /releases/stable/rpm/EL6/6.3/repodata/repomd.xml: 5 Time(s) /releases/stable/rpm/EL6/6/: 1 Time(s) /releases/stable/rpm/EL6/6/repodata/: 1 Time(s) /releases/stable/rpm/EL6/6/repodata/repomd.xml: 619 Time(s) /releases/stable/rpm/EL6/6Server/repodata/repomd.xml: 16 Time(s) /releases/stable/rpm/Fedora/16/repodata/repomd.xml: 80 Time(s) /repos/ovirt-management-repo/: 1 Time(s) /repos/ovirt/10/x86_64/repodata/repomd.xml: 24 Time(s) /repos/ovirt/15/i386/repodata/repomd.xml: 1 Time(s) /repos/ovirt/15/x86_64/repodata/repomd.xml: 2 Time(s) /robots.txt: 66 Time(s) /screenshots/AddNewStorageServer.png: 1 Time(s) /screenshots/AddStorageView.png: 1 Time(s) /screenshots/UserChangeRole.png: 1 Time(s) /screenshots/ViewHosts.png: 1 Time(s) /screenshots/ViewVMPool.png: 1 Time(s) /screenshots/ViewVMResources.png: 1 Time(s) /screenshots/oVirtInterface.png: 1 Time(s) /sitemap.xml: 2 Time(s) /styles/diagram4.png: 2 Time(s) /styles/favicon.ico: 4 Time(s) /undefined: 1 Time(s) /user/register: 8 Time(s) /w/.php: 1 Time(s) /w/images/6/66/ovirt_vdsm_storage_20111102.odp: 1 Time(s) /w/images/a/a0/workshop-1203-vdsm-mom.odp: 1 Time(s) /w/images/a/a9/OVirt-3.0-Installation_Guid ... 1aSlxrg&cad=rjt: 1 Time(s) /w/images/a/a9/ovirt-3.0-installation_guide-en-us.pdf: 1 Time(s) /w/images/b/b0/fosdem2012-ovirt-clean.pdf: 1 Time(s) /w/images/b/b3/quantum_ovirt_discussion-20111103.pdf: 2 Time(s) /w/images/b/be/ovirt-arch-iheim.pdf: 1 Time(s) /w/images/c/c9/ovirt-guest-agent.odp: 1 Time(s) /w/images/d/de/ovirt-engine-core-20111102.pdf: 1 Time(s) /w/images/e/e0/ovirt-scale10x-20120122.odp: 1 Time(s) /w/images/e/e3/ovirt-api-cli-sdk-20111102.pdf: 1 Time(s) /w/images/f/f5/ovirt-engine-core_fosdem_2012.pdf: 1 Time(s) /w/images/f/f7/ovirt_history_and_reports-20111102.odp: 1 Time(s) /w/images/f/fe/ovirt_vdsm_20111102.pdf: 1 Time(s) /w/index.php++++++++++++++++++++++++++++++ ... orms+are+found;: 2 Time(s) /w/index.php?title=-&action=raw&ge ... onobook&270: 44 Time(s) /w/index.php?title=-&action=raw&ma ... 000&gen=css: 18 Time(s) /wiki/.php: 2 Time(s) /wiki//index.php?title=Special:UserLogin&t ... urnto=Main_Page: 2 Time(s) /wiki/Category:Node/: 1 Time(s) /wiki/Category:Vdsm/.php: 1 Time(s) /wiki/Category_talk:Event_coordinator_documentation: 1 Time(s) /wiki/Category_talk:Node: 1 Time(s) /wiki/Category_talk:Template: 1 Time(s) /wiki/Category_talk:Vdsm: 1 Time(s) /wiki/Category_talk:Workshop_March_2012: 1 Time(s) /wiki/Feature: 2 Time(s) /wiki/Index.php: 8 Time(s) /wiki/Insta: 2 Time(s) /wiki/Main_Page/feature: 2 Time(s) /wiki/Main_Page/features: 2 Time(s) /wiki/Node_Building%2B%2B%2B%2B%2B%2B%2B%2 ... Bare%2Bfound%3b: 1 Time(s) /wiki/Node_PXE/: 1 Time(s) /wiki/OVirt_3.2_release_notes: 2 Time(s) /wiki/OVirt_Evaluation_Guide: 2 Time(s) /wiki/OVirt_Installation_Guide: 4 Time(s) /wiki/OVirt_Node_deployment_documentation: 2 Time(s) /wiki/Sanlock/: 1 Time(s) /wiki/Talk:Autorecovery: 1 Time(s) /wiki/Talk:Engine_Adding_Messages: 2 Time(s) /wiki/Talk:Engine_Core_-_oVirt_workshop_November_2011: 1 Time(s) /wiki/Talk:Features/Design/StableDeviceAddresses: 1 Time(s) /wiki/Talk:Features/Gluster_Support: 3 Time(s) /wiki/Talk:Features/SPICERelatedFeatures: 1 Time(s) /wiki/Talk:Features/Serial_Execution_of_As ... Detailed_Design: 1 Time(s) /wiki/Talk:Features/UIPlugins: 2 Time(s) /wiki/Talk:HSM_service_stand_alone: 2 Time(s) /wiki/Talk:HSM_stand_alone: 1 Time(s) /wiki/Talk:Index.php: 1 Time(s) /wiki/Talk:Installing_ovirt-node_from_rpm: 1 Time(s) /wiki/Talk:LC_Japan_Workshop_Post-Mortem: 1 Time(s) /wiki/Talk:Main_Page: 6 Time(s) /wiki/Talk:Node_Building: 1 Time(s) /wiki/Talk:OVirt_3.0_to_3.1_upgrade: 4 Time(s) /wiki/Talk:Troubleshooting_NFS_Storage_Issues: 1 Time(s) /wiki/Talk:Www.ovirt.org-Configuration: 1 Time(s) /wiki/User:180.76.5.48: 1 Time(s) /wiki/User:180.76.5.97: 1 Time(s) /wiki/User:Santosam: 1 Time(s) /wiki/User:Sming: 1 Time(s) /wiki/User:Yair_Zaslavsky: 2 Time(s) /wiki/User_talk:180.76.5.97: 1 Time(s) /wiki/User_talk:Dnkrcf@yvqiye.com: 1 Time(s) /wiki/User_talk:Garyk: 1 Time(s) /wiki/User_talk:Sming: 1 Time(s) /wiki/User_talk:Yair_Zaslavsky: 2 Time(s) /wiki/index.php?title=Special:UserLogin&type=signup: 50 Time(s) /wiki/main_page/wp-signup.php: 1 Time(s) /wiki/oVirtWiki%3AGeneral_disclaimer: 1 Time(s) /wiki/oVirtWiki:About: 2 Time(s) /wiki/oVirtWiki:General_disclaimer: 3 Time(s) /wiki/oVirtWiki:Privacy_policy: 4 Time(s) http://wiki.ovirt.org/wiki/index.php?title ... gin&type=signup: 1 Time(s) 416 Request Range Not Satisfiable /releases/nightly/rpm/Fedora/17/repodata/other.xml.gz: 1 Time(s) /releases/stable/rpm/Fedora/17/repodata/other.xml.gz: 9 Time(s) ---------------------- httpd End ------------------------- --------------------- Postfix Begin ------------------------ 4.776M Bytes accepted 5,008,504 180.664M Bytes delivered 189,440,315 ======== ================================================ 466 Accepted 99.79% 1 Rejected 0.21% -------- ------------------------------------------------ 467 Total 100.00% ======== ================================================ 1 Reject unknown user 100.00% -------- ------------------------------------------------ 1 Total Rejects 100.00% ======== ================================================ 272 Connections made 5 Connections lost 272 Disconnections 458 Removed from queue 158 Delivered 15187 Sent via SMTP 2 Forwarded 32 Deferred 439 Deferrals 1 Bounce (local) 8 Bounce (remote) 9 DSNs undeliverable 326 Connection failure (outbound) 3 Timeout (inbound) 2 Hostname verification errors 65 Enabled PIX workaround ---------------------- Postfix End ------------------------- --------------------- SSHD Begin ------------------------ Users logging in through sshd: gerrit-backup: 107.22.212.69 (gerrit.ovirt.org): 3 times jenkins: 107.22.215.130 (ec2-107-22-215-130.compute-1.amazonaws.com): 1 time mburns: 24.63.186.29 (c-24-63-186-29.hsd1.vt.comcast.net): 1 time Received disconnect: 11: Bye Bye : 536 Time(s) 11: disconnected by user : 4 Time(s) SFTP subsystem requests: 1 Time(s) **Unmatched Entries** reverse mapping checking getaddrinfo for 138.63.114.112.broad.km.yn.dynamic.163data.com.cn [112.114.63.138] failed - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s) reverse mapping checking getaddrinfo for 116-58-221-96.net-infinity.net [116.58.221.96] failed - POSSIBLE BREAK-IN ATTEMPT! : 2 time(s) reverse mapping checking getaddrinfo for 77-76-109-119.static.unassigned.as8607.net [77.76.109.119] failed - POSSIBLE BREAK-IN ATTEMPT! : 4 time(s) Address 196.213.86.130 maps to mail.wr.mct.co.za, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s) reverse mapping checking getaddrinfo for 187.115.202.83.static.gvt.net.br [187.115.202.83] failed - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Sudo (secure-log) Begin ------------------------ ============================================================================== mburns => root -------------- /bin/rm - 8 Times. ---------------------- Sudo (secure-log) End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/xvda 25G 21G 3.8G 85% / ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################