Logwatch for linode01.ovirt.org (Linux)

logwatch at lists.ovirt.org
Thu Feb 21 08:23:18 UTC 2013


 ################### Logwatch 7.3.6 (05/19/07) #################### 
        Processing Initiated: Thu Feb 21 03:23:18 2013
        Date Range Processed: yesterday
                              ( 2013-Feb-20 )
                              Period is day.
      Detail Level of Output: 0
              Type of Output: unformatted
           Logfiles for Host: linode01.ovirt.org
  ################################################################## 
 
 --------------------- httpd Begin ------------------------ 

 A total of 1 sites probed the server 
    173.255.252.138
 
 A total of 1 possible successful probes were detected (the following URLs
 contain strings that match one or more of a listing of strings that
 indicate a possible exploit):
 
    null HTTP Response 200 
 
 Requests with error response codes
    404 Not Found
       //wp-content/plugins/radykal-fancy-gallery ... mage-upload.php: 3 Time(s)
       //wp-content/themes/Envisioned/timthumb.ph ... /cybercrime.php: 4 Time(s)
       //wp-content/themes/multidesign/scripts/ti ... .com%2Fcrax.php: 1 Time(s)
       /admin/banner_manager.php/login.php: 3 Time(s)
       /admin/categories.php/login.php: 3 Time(s)
       /admin/configuration.php/login.php: 3 Time(s)
       /admin/file_manager.php/login.php: 3 Time(s)
       /apple-touch-icon-precomposed.png: 13 Time(s)
       /apple-touch-icon.png: 12 Time(s)
       /category/news/feed: 31 Time(s)
       /category/news/feed/: 122 Time(s)
       /favicon.ico: 710 Time(s)
       /get-ovirt/: 1 Time(s)
       /login.php: 2 Time(s)
       /news-and-events/workshop-1-to-3-november-2011/: 1 Time(s)
       /pipermail/infra//wp-content/themes/Envisi ... /cybercrime.php: 4 Time(s)
       /pipermail/infra/2012-March/index.php?action=register: 2 Time(s)
       /pipermail/infra/2012-March/index.php?do=/user/register/: 2 Time(s)
       /pipermail/infra/2012-March/index.php?titl ... gin&type=signup: 2 Time(s)
       /pipermail/infra/2012-March/join.php: 2 Time(s)
       /pipermail/infra/2012-March/register: 2 Time(s)
       /pipermail/infra/2012-March/register.php: 4 Time(s)
       /pipermail/infra/2012-March/tiki-register.php: 2 Time(s)
       /pipermail/infra/2012-March/wikka.php?wakka=UserSettings: 2 Time(s)
       /pipermail/infra/2012-November//wp-content ... .com%2Fcrax.php: 1 Time(s)
       /pipermail/infra/2012-November//wp-content ... /cybercrime.php: 4 Time(s)
       /pipermail/infra/2012-November//wp-content ... mage-upload.php: 2 Time(s)
       /pipermail/infra/2012-November/001330.html ... et%2F%2Fbad.php: 1 Time(s)
       /pipermail/infra/2012-November/001330.html ... ort.net/bad.php: 1 Time(s)
       /pipermail/infra/2012-November/001345.html ... t.net%2Fbad.php: 1 Time(s)
       /pipermail/infra/2012-November/001404.html ... com%2Fjahat.php: 1 Time(s)
       /pipermail/infra/2012-November/001410.html ... com%2Fjahat.php: 1 Time(s)
       /pipermail/infra/2012-November/001410.html ... ort.net/bad.php: 1 Time(s)
       /pipermail/infra/2012-November/001420.html ... t.net%2Fbad.php: 1 Time(s)
       /pipermail/infra/2012-November/001432.html ... .com%2Fcrax.php: 1 Time(s)
       /pipermail/infra/2012-November/001432.html ... /result/bat.php: 1 Time(s)
       /pipermail/infra/2012-November/001445.html ... com%2Fjahat.php: 2 Time(s)
       /pipermail/infra/2012-November/001445.html ... om.br%2Fbad.php: 1 Time(s)
       /pipermail/infra/2012-November/001445.html ... t.net%2Fbad.php: 1 Time(s)
       /pipermail/infra/2012-November/001462.html ... .fm/bangsat.php: 1 Time(s)
       /pipermail/infra/2012-November/001462.html ... mage-upload.php: 1 Time(s)
       /pipermail/infra/2012-November/001462.html ... rts.net/IDC.php: 1 Time(s)
       /pipermail/infra/2012-November/001478.html ... ort.net/bad.php: 1 Time(s)
       /pipermail/infra/2012-November/001552.html ... %2F%2Fcilik.php: 5 Time(s)
       /pipermail/infra/2012-November/001552.html ... .com.br/bad.php: 1 Time(s)
       /pipermail/infra/2012-November/001552.html ... ort.net/bad.php: 2 Time(s)
       /pipermail/infra/2012-November/001572.html ... mage-upload.php: 2 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... %2F%2Fcilik.php: 3 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... .com.br/bad.php: 1 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... .com//kikok.php: 1 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... .fm/bangsat.php: 1 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... /result/bat.php: 1 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... com%2Fjahat.php: 2 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... et%2F%2Fbad.php: 1 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... om.ar%2Fbad.php: 1 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... om.br%2Fbad.php: 1 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... ort.net/bad.php: 3 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... rts.net/IDC.php: 1 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... s.com%2Fbad.php: 2 Time(s)
       /pipermail/infra/2012-November/wp-content/ ... t.net%2Fbad.php: 3 Time(s)
       /pipermail/infra/2012-October/001243.html& ... com%2Fjahat.php: 1 Time(s)
       /pipermail/infra/2012-October/001244.html& ... com%2Fjahat.php: 3 Time(s)
       /pipermail/infra/2012-October/admin/banner ... r.php/login.php: 3 Time(s)
       /pipermail/infra/2012-October/admin/categories.php/login.php: 3 Time(s)
       /pipermail/infra/2012-October/admin/config ... n.php/login.php: 3 Time(s)
       /pipermail/infra/2012-October/admin/file_m ... r.php/login.php: 3 Time(s)
       /pipermail/infra/2012-October/wp-content/t ... com%2Fjahat.php: 3 Time(s)
       /pipermail/infra/2012-September/001100.htm ... com%2Fjahat.php: 4 Time(s)
       /pipermail/infra/2012-September/001139.htm ... rts.net/IDC.php: 1 Time(s)
       /pipermail/infra/2012-September/001143.htm ... ort.net/bad.php: 1 Time(s)
       /pipermail/infra/2012-September/admin/bann ... r.php/login.php: 3 Time(s)
       /pipermail/infra/2012-September/admin/cate ... s.php/login.php: 3 Time(s)
       /pipermail/infra/2012-September/admin/conf ... n.php/login.php: 3 Time(s)
       /pipermail/infra/2012-September/admin/file ... r.php/login.php: 3 Time(s)
       /pipermail/infra/2012-September/wp-content ... com%2Fjahat.php: 4 Time(s)
       /pipermail/infra/2012-September/wp-content ... ort.net/bad.php: 1 Time(s)
       /pipermail/infra/2012-September/wp-content ... rts.net/IDC.php: 1 Time(s)
       /pipermail/infra/admin/banner_manager.php/login.php: 3 Time(s)
       /pipermail/infra/admin/categories.php/login.php: 3 Time(s)
       /pipermail/infra/admin/configuration.php/login.php: 3 Time(s)
       /pipermail/infra/admin/file_manager.php/login.php: 3 Time(s)
       /pipermail/infra/index.php?page=register: 2 Time(s)
       /pipermail/infra/signup.php: 4 Time(s)
       /pipermail/infra/wp-content/themes/auction ... s.com%2Fbad.php: 1 Time(s)
       /pipermail/infra/wp-content/themes/crisp/t ... s.com%2Fbad.php: 1 Time(s)
       /pipermail/infra/wp-content/themes/overeas ... .com//kikok.php: 1 Time(s)
       /pipermail/infra/wp-login.php?action=register: 2 Time(s)
       /pipermail/users/2012-February/000594.html ... %27%29+ACCEPTED: 1 Time(s)
       /pipermail/users/2012-February/cache/fe339 ... f894419f160ab6e: 1 Time(s)
       /pipermail/users/2012-June/002294.html++++ ... orms+are+found;: 1 Time(s)
       /pipermail/users/2012-June/002466.html,: 1 Time(s)
       /releases/3.0/rpm/EL/6/repodata/repodata/repomd.xml: 2 Time(s)
       /releases/3.0/rpm/EL6/6Server/repodata/repomd.xml: 1 Time(s)
       /releases/3.0/rpm/fedora/: 1 Time(s)
       /releases/3.2/rpm/Fedora/18//.treeinfo: 150 Time(s)
       /releases/3.2/rpm/Fedora/18//treeinfo: 150 Time(s)
       /releases/3.2/rpm/Fedora/18/ovirt-engine.repo: 1 Time(s)
       /releases/3.2/rpm/Fedora/19/noarch/repodata/: 1 Time(s)
       /releases/beta.old.20120808/fedora/17/?C=M;O=A: 1 Time(s)
       /releases/beta/fedora/17/repodata/filelists.xml.gz: 16 Time(s)
       /releases/beta/fedora/17/repodata/other.xml.gz: 1 Time(s)
       /releases/beta/fedora/17/repodata/repomd.xml: 16 Time(s)
       /releases/beta/rpm/Fedora/18//.treeinfo: 150 Time(s)
       /releases/beta/rpm/Fedora/18//treeinfo: 150 Time(s)
       /releases/nightly/fedora: 1 Time(s)
       /releases/nightly/fedora/16/ovirt-engine.repo: 1 Time(s)
       /releases/nightly/fedora/16/repodata/repomd.xml: 204 Time(s)
       /releases/nightly/fedora/17/x86_64/repodata/repomd.xml: 1 Time(s)
       /releases/nightly/fedora/18/x86_64/repodata/repomd.xml: 1 Time(s)
       /releases/nightly/rpm/Fedora/18//.treeinfo: 150 Time(s)
       /releases/nightly/rpm/Fedora/18//treeinfo: 150 Time(s)
       /releases/nightly/rpm/Fedora/18/noarch/oto ... fc18.noarch.rpm: 98 Time(s)
       /releases/nightly/rpm/Fedora/18/noarch/ovi ... fc18.noarch.rpm: 498 Time(s)
       /releases/nightly/rpm/Fedora/18/noarch/vds ... fc18.noarch.rpm: 563 Time(s)
       /releases/nightly/rpm/el/6/hooks/vdsm-hook ... .el7.noarch.rpm: 1 Time(s)
       /releases/o: 1 Time(s)
       /releases/ovir-release-fedora.noarch.rpm: 1 Time(s)
       /releases/ovirt-releases-fedora.noarch.rpm: 1 Time(s)
       /releases/stable/binary/: 6 Time(s)
       /releases/stable/deb/: 1 Time(s)
       /releases/stable/fedora/16: 1 Time(s)
       /releases/stable/fedora/16/: 1 Time(s)
       /releases/stable/fedora/16/ovirt-engine.repo: 2 Time(s)
       /releases/stable/fedora/16/repodata/primary.xml.gz: 17 Time(s)
       /releases/stable/fedora/16/repodata/repomd.xml: 228 Time(s)
       /releases/stable/fedora/19/ovirt-engine.repo: 1 Time(s)
       /releases/stable/fedora/6.3/x86_64/repodata/repomd.xml: 2 Time(s)
       /releases/stable/ovirt-engine.reop: 1 Time(s)
       /releases/stable/ovirt-engine.repo%20-O%20 ... virtengine.repo: 1 Time(s)
       /releases/stable/rpm/EL/6/repodata/repomd.xml: 6 Time(s)
       /releases/stable/rpm/EL6: 1 Time(s)
       /releases/stable/rpm/EL6/: 1 Time(s)
       /releases/stable/rpm/EL6/6.3/: 1 Time(s)
       /releases/stable/rpm/EL6/6.3/repodata/: 1 Time(s)
       /releases/stable/rpm/EL6/6.3/repodata/repomd.xml: 7 Time(s)
       /releases/stable/rpm/EL6/6/repodata/repomd.xml: 29 Time(s)
       /releases/stable/rpm/EL6/6Server/repodata/repomd.xml: 10 Time(s)
       /releases/stable/rpm/EL6/6Workstation/repodata/repomd.xml: 5 Time(s)
       /releases/stable/rpm/Fedora/13/repodata/repomd.xml: 5 Time(s)
       /releases/stable/rpm/Fedora/16/repodata/re ... other%20mirror.: 1 Time(s)
       /releases/stable/rpm/Fedora/16/repodata/repomd.xml: 14 Time(s)
       /releases/stable/rpm/Fedora/16/repodata/repomd.xml:: 1 Time(s)
       /releases/stable/rpm/Fedora/18//.treeinfo: 150 Time(s)
       /releases/stable/rpm/Fedora/18//treeinfo: 150 Time(s)
       /releases/stable/rpm/Fedora/18/noarch/old/?C=S;O=D: 1 Time(s)
       /releases/stable/rpm/Fedora/18/repodata/re ... ata/repomd.xml:: 1 Time(s)
       /releases/stable/rpm/Fedora/18/repodata/re ... data/repomd.xml: 3 Time(s)
       /releases/stable/rpm/Fedora/18/x86_64/repodata/repomd.xml: 3 Time(s)
       /releases/stable/rpm/Fedora/19/noarch/old/: 1 Time(s)
       /releases/stable/rpm/Fedora/19/ovirt-engine.repo: 1 Time(s)
       /releases/stable/rpm/Fedora/6/repodata/repomd.xml: 1 Time(s)
       /releases/testing/rpm/Fedora/18/noarch/: 1 Time(s)
       /robots.txt: 34 Time(s)
       /wp-content/plugins/wp-phpmyadmin/phpmyadm ... %2F%2Fcilik.php: 3 Time(s)
       /wp-content/themes/Envisioned/timthumb.php ... .com.br/bad.php: 1 Time(s)
       /wp-content/themes/Envisioned/timthumb.php ... ort.net/bad.php: 2 Time(s)
       /wp-content/themes/arras/library/timthumb. ... rts.net/IDC.php: 1 Time(s)
       /wp-content/themes/auctionpress/thumbs/_tb ... .fm/bangsat.php: 1 Time(s)
       /wp-content/themes/auctionpress/thumbs/_tb ... rts.net/IDC.php: 1 Time(s)
       /wp-content/themes/auctionpress/thumbs/_tb ... s.com%2Fbad.php: 1 Time(s)
       /wp-content/themes/crisp/thumb.php?src=htt ... s.com%2Fbad.php: 1 Time(s)
       /wp-content/themes/deliciousmagazine/thumb ... t.net%2Fbad.php: 1 Time(s)
       /wp-content/themes/ecobiz/timthumb.php?src ... et%2F%2Fbad.php: 1 Time(s)
       /wp-content/themes/ecobiz/timthumb.php?src ... ort.net/bad.php: 1 Time(s)
       /wp-content/themes/flashnews/thumb.php?src ... t.net%2Fbad.php: 1 Time(s)
       /wp-content/themes/multidesign/scripts/tim ... /result/bat.php: 1 Time(s)
       /wp-content/themes/overeasy/thumb.php?src= ... .com//kikok.php: 1 Time(s)
       /wp-content/themes/typebased/thumb.php?src ... t.net%2Fbad.php: 1 Time(s)
       /wp-content/themes/versatile/timthumb.php? ... com%2Fjahat.php: 4 Time(s)
       /wp-content/themes/welcome_inn/thumb.php?s ... om.br%2Fbad.php: 1 Time(s)
       /wp-content/themes/welcome_inn/timthumb.ph ... om.ar%2Fbad.php: 1 Time(s)
       /wp-login.php: 74 Time(s)
    416 Request Range Not Satisfiable
       /releases/beta/rpm/Fedora/18/noarch/otopi- ... fc18.noarch.rpm: 1 Time(s)
       /releases/nightly/rpm/Fedora/17/noarch/oto ... fc17.noarch.rpm: 1 Time(s)
       /releases/nightly/rpm/Fedora/17/repodata/other.xml.gz: 18 Time(s)
       /releases/nightly/rpm/Fedora/18/noarch/ovi ... fc18.noarch.rpm: 1 Time(s)
       /releases/nightly/rpm/Fedora/18/repodata/filelists.xml.gz: 3 Time(s)
       /releases/stable/rpm/Fedora/18/noarch/ovir ... fc18.noarch.rpm: 5 Time(s)
       /releases/stable/rpm/Fedora/18/noarch/vdsm ... fc18.noarch.rpm: 2 Time(s)
       /releases/stable/rpm/Fedora/18/repodata/filelists.xml.gz: 1 Time(s)
 
 ---------------------- httpd End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 su-l:
    Sessions Opened:
       root -> root: 2 Time(s)
 
 sudo-i:
    Unknown Entries:
       auth could not identify password for [dcaro]: 1 Time(s)
       conversation failed: 1 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

        1   *Fatal:   General fatal 
        1   *Warning: Startup error 
        1   *Warning: Pre-queue content-filter connection overload 
        1   Process exited        
 
   13.918M  Bytes accepted                        14,593,910
  286.666M  Bytes delivered                      300,591,025
 ========   ================================================
 
     1732   Accepted                                  89.51%
      203   Rejected                                  10.49%
 --------   ------------------------------------------------
     1935   Total                                    100.00%
 ========   ================================================
 
      198   Reject relay denied                       97.54%
        5   Reject unknown user                        2.46%
 --------   ------------------------------------------------
      203   Total Rejects                            100.00%
 ========   ================================================
 
     4357   Connections made      
     3464   Connections lost      
     4357   Disconnections        
     1586   Removed from queue    
      453   Delivered             
    43735   Sent via SMTP         
        4   Forwarded             
      155   Deferred              
     2772   Deferrals             
       23   Bounce (remote)       
        2   Expired and returned to sender 
       25   DSNs undeliverable    
 
      406   Connection failure (outbound) 
       31   Timeout (inbound)     
        8   Excessive errors in SMTP commands dialog 
        9   Hostname verification errors 
      479   Enabled PIX workaround 
 
        4   Postfix refresh       
 
 
 
 **Unmatched Entries**
        1   Feb 20 12:56:19 linode01 postfix/master[1923]: reload -- version 2.6.6, configuration /etc/postfix
        1   Feb 20 13:32:00 linode01 postfix/master[1923]: reload -- version 2.6.6, configuration /etc/postfix
        1   Feb 20 13:34:20 linode01 postfix/master[1923]: reload -- version 2.6.6, configuration /etc/postfix
        1   Feb 20 13:28:25 linode01 postfix/master[1923]: reload -- version 2.6.6, configuration /etc/postfix
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- Connections (secure-log) Begin ------------------------ 

 New Users:
    dcaro (516)
 
 New Groups:
    dcaro (516)
 
 
 ---------------------- Connections (secure-log) End ------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 Users logging in through sshd:
    dcaro:
       209.132.186.35 (nat-pool-brq-u.redhat.com): 2 times
    eedri:
       66.187.237.10 (nat-pool-tlv-t1.redhat.com): 1 time
    ekohl:
       217.119.231.199 (bogey.xentower.nl): 2 times
    gerrit-backup:
       107.22.212.69 (gerrit.ovirt.org): 3 times
    jenkins:
       107.22.215.130 (ec2-107-22-215-130.compute-1.amazonaws.com): 1 time
    jslave:
       23.20.17.161 (ec2-23-20-17-161.compute-1.amazonaws.com): 63 times
    mburns:
       24.63.186.29 (c-24-63-186-29.hsd1.vt.comcast.net): 5 times
    rydekull:
       79.136.69.32 (h-69-32.a165.priv.bahnhof.se): 1 time
       194.237.142.3 (internet-gw-ext.ericsson.se): 1 time
 
 
 Received disconnect:
    11: Bye Bye : 371 Time(s)
    11: disconnected by user : 20 Time(s)
    3: com.jcraft.jsch.JSchException: reject HostKey: 173.255.252.138 : 1 Time(s)
 
 SFTP subsystem requests: 62 Time(s)
 
 **Unmatched Entries**
 error: open /dev/tty failed - could not set controlling tty: No such file or directory : 1 time(s)
 error: /dev/pts/6: No such file or directory : 1 time(s)
 reverse mapping checking getaddrinfo for 111.122.8.96.host.nwnx.net [96.8.122.111] failed - POSSIBLE BREAK-IN ATTEMPT! : 136 time(s)
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- Sudo (secure-log) Begin ------------------------ 

 
 ==============================================================================
 
 dcaro => root
 -------------
 /bin/bash - 3 Times.
 /bin/rm - 1 Times.
 /usr/bin/vim - 1 Times.
 
 ==============================================================================
 
 ekohl => root
 -------------
 /bin/bash - 1 Times.
 /usr/bin/passwd - 1 Times.
 /usr/sbin/adduser - 1 Times.
 
 ==============================================================================
 
 mburns => root
 --------------
 /bin/cp - 18 Times.
 /usr/bin/createrepo - 4 Times.
 
 ==============================================================================
 
 rydekull => root
 ----------------
 /bin/su - 2 Times.
 
 
 **Unmatched Entries**
      mburns : (command continued) /home/mburns/vdsm/noarch/vdsm-hook-numa-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-hook-pincpu-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-hook-promisc-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-hook-qemucmdline-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-hook-qos-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-hook-scratchpad-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-hook-smbios-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-hook-sriov-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-hook-vhostmd-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-hook-vmdisk-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-hook-vmfex-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-jsonrpc-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-reg-4.10.3-8.fc18.noarch.rpm /home/mburns/vdsm/noarch/vdsm-tests-4.10.3-8.fc18.noarch.rpm: 1 Time(s)
    pam_unix(sudo-i:auth): auth could not identify password for [dcaro]: 1 Time(s)
    pam_unix(sudo-i:auth): conversation failed: 1 Time(s)
      mburns : (command continued) /home/mburns/vdsm/noarch/vdsm-xmlrpc-4.10.3-8.fc18.noarch.rpm noarch: 1 Time(s) 
 ---------------------- Sudo (secure-log) End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem            Size  Used Avail Use% Mounted on
 /dev/xvda              48G   45G  2.6G  95% /
 
 /dev/xvda => 95% Used. Warning. Disk Filling up.
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End ######################### 

 


