[CentOS] FW: Logwatch for XXXXXXX.kd4efm.org (Linux)
jarmo
oh1mrr at nic.fi
Fri Oct 26 05:53:26 UTC 2007
Evans F. Mitchell KD4EFM / AFA2TH / WQFK-894 wrote in his message
(sent Thursday, 25 October 2007 18:51):
> Found an error or two from my logwatch report from yesterday,
> thought I would share this in hopes this is just first time
> run of the problem I noticed in the Kernel report section...
>
> Also not sure why there's an issue with automount either....
> but I guess I could ask on that issue as well.
>
> I am not worried about the NAMED error, this is something that
> happens due to one of the services that is installed on the box,
> as it is HAM RADIO related only.
>
> Any feedback? I will be looking for it...
>
> some items will be X'ed for protection reasons.
>
> EFM
>
> -----Original Message-----
> From: logwatch at XXXXXX
> Sent: Thursday, October 25, 2007 4:02 AM
> To: root at XXXXXXXXX
> Subject: Logwatch for XXXXXXX.org (Linux)
>
>
> ################### Logwatch 7.3 (03/24/06) ####################
> Processing Initiated: Thu Oct 25 04:02:02 2007
> Date Range Processed: yesterday
> ( 2007-Oct-24 )
> Period is day.
> Detail Level of Output: 0
> Type of Output: unformatted
> Logfiles for Host: XXXXXXXXXXXX.kd4efm.org
> ##################################################################
>
> --------------------- Selinux Audit Begin ------------------------
>
> Number of audit daemon stops: 1
>
> **Unmatched Entries**
> audit(1193230471.737:2): selinux=0 auid=4294967295
>
> ---------------------- Selinux Audit End -------------------------
>
>
> --------------------- Automount Begin ------------------------
>
>
> **Unmatched Entries**
> lookup_read_master: lookup(nisplus): couldn't locat nis+ table
> auto.master: 1 Time(s)
>
> ---------------------- Automount End -------------------------
>
>
> --------------------- Kernel Begin ------------------------
>
>
> WARNING: Kernel Errors Present
> end_request: I/O error, dev fd0, sector ...: 2 Time(s)
>
> ---------------------- Kernel End -------------------------
I get quite a similar error with my CD player/burner, but found nothing
dramatic when I looked. The kernel is the latest vanilla.
You are lucky to get such a small logwatch report....
Mine is:
################### Logwatch 7.3 (03/24/06) ####################
Processing Initiated: Fri Oct 26 04:02:03 2007
Date Range Processed: yesterday
( 2007-Oct-25 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host: oh1mrr.ampr.org
##################################################################
--------------------- httpd Begin ------------------------
Requests with error response codes
400 Bad Request
/w00tw00t.at.ISC.SANS.DFind:): 1 Time(s)
404 Not Found
/lamentable-amidships.gif: 3 Time(s)
/phpmyadmin/index.php: 1 Time(s)
/tiny_mce/langs/fi.js: 1 Time(s)
/tiny_mce/plugins/cmsimple/editor_plugin.js: 1 Time(s)
/tiny_mce/plugins/emotions/langs/fi.js: 1 Time(s)
/tiny_mce/plugins/insertdatetime/langs/fi.js: 1 Time(s)
/tiny_mce/plugins/paste/langs/fi.js: 1 Time(s)
/tiny_mce/plugins/preview/langs/fi.js: 1 Time(s)
/tiny_mce/plugins/print/langs/fi.js: 1 Time(s)
/tiny_mce/plugins/save/langs/fi.js: 1 Time(s)
/tiny_mce/plugins/searchreplace/langs/fi.js: 1 Time(s)
/tiny_mce/plugins/table/langs/fi.js: 1 Time(s)
/tiny_mce/themes/advanced/images/{$lang_bold_img}: 1 Time(s)
/tiny_mce/themes/advanced/images/{$lang_italic_img}: 1 Time(s)
/tiny_mce/themes/advanced/images/{$lang_underline_img}: 1 Time(s)
/tiny_mce/themes/advanced/langs/fi.js: 1 Time(s)
http://218.10.111.119/lbc.php: 14 Time(s)
http://mail2.663.com.cn/include/prx.php?p= ... DF91E9AD57733E3: 15 Time(s)
---------------------- httpd End -------------------------
--------------------- iptables firewall Begin ------------------------
Logged 948 packets on interface eth1
---------------------- iptables firewall End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
unknown (212.102.0.124): 7 Time(s)
root (200.21.94.116): 3 Time(s)
root (212.102.0.124): 2 Time(s)
root (218.85.133.13): 2 Time(s)
Invalid Users:
Unknown Account: 7 Time(s)
---------------------- pam_unix End -------------------------
--------------------- SSHD Begin ------------------------
Failed logins from:
200.21.94.116: 3 times
212.102.0.124 (shabnet0-124.shabakah.net): 2 times
218.85.133.13: 2 times
Illegal users from:
212.102.0.124 (shabnet0-124.shabakah.net): 7 times
Received disconnect:
11: Bye Bye : 13 Time(s)
Refused incoming connections:
::ffff:212.102.0.124 (::ffff:212.102.0.124): 1 Time(s)
**Unmatched Entries**
pam_succeed_if(sshd:auth): error retrieving information about user admin : 1 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user stephanie : 1 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user william : 1 time(s)
reverse mapping checking getaddrinfo for shabnet0-124.shabakah.net failed - POSSIBLE BREAK-IN ATTEMPT! : 9 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user aaron : 1 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user gt05 : 1 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user trash : 1 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user stud : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- XNTPD Begin ------------------------
Time Reset 9 times (total: 44.691858 s average: 4.965762 s)
Total synchronizations 184 (hosts: 3)
---------------------- XNTPD End -------------------------
--------------------- yum Begin ------------------------
Packages Installed:
kernel.i686 2.6.18-8.1.15.el5
Packages Updated:
xfsprogs-devel.i386 2.9.4-1.el5.centos
openssl.i686 0.9.8b-8.3.el5_0.2
xfsdump.i386 2.2.46-1.el5.centos
lirc.i386 0.8.1-1.el5.af
kernel-headers.i386 2.6.18-8.1.15.el5
xfsprogs.i386 2.9.4-1.el5.centos
---------------------- yum End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/hda5 36G 8.1G 26G 24% /
/dev/hdb1 37G 3.3G 32G 10% /home
/dev/hdc1 150G 33G 117G 22% /mrr
---------------------- Disk Space End -------------------------