Logwatch for lake.auton.cs.cmu.edu (Linux)
punosevac72 at gmail.com
Sun Feb 5 03:22:15 EST 2017
################### Logwatch 7.3.6 (05/19/07) ####################
Processing Initiated: Sun Feb 5 03:22:15 2017
Date Range Processed: yesterday
( 2017-Feb-04 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host: lake.auton.cs.cmu.edu
##################################################################
--------------------- clam-update Begin ------------------------
Last ClamAV update process started at Sat Feb 4 04:02:28 2017
Last Status:
main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
connect_error: getsockopt(SO_ERROR): fd=5 error=111: Connection refused
Can't connect to port 80 of host db.local.clamav.net (IP: 208.72.56.53)
nonblock_connect: connect timing out (30 secs)
Can't connect to port 80 of host db.local.clamav.net (IP: 172.110.204.67)
Trying host db.local.clamav.net (198.148.78.4)...
Downloading daily-22995.cdiff [100%]
Downloading daily-22996.cdiff [100%]
Downloading daily-22997.cdiff [100%]
Downloading daily-22998.cdiff [100%]
Downloading daily-22999.cdiff [100%]
Downloading daily-23000.cdiff [100%]
daily.cld updated (version: 23000, sigs: 1508067, f-level: 63, builder: neo)
bytecode.cld is up to date (version: 290, sigs: 55, f-level: 63, builder: neo)
[LibClamAV] Detected duplicate databases /var/lib/clamav/main.cld and /var/lib/clamav/main.cvd. The /var/lib/clamav/main.cld database is older and will not be loaded, you should manually remove it from the database directory.
Database updated (5726912 signatures) from db.local.clamav.net (IP: 198.148.78.4)
---------------------- clam-update End -------------------------
--------------------- OpenVPN Begin ------------------------
Ciphers used for Authentication:
Data Channel:
Decrypt:
160 bit SHA1 used 24 Time(s)
Encrypt:
160 bit SHA1 used 24 Time(s)
Ciphers used for Encryption:
Data Channel:
Decrypt:
256 bit AES-256-CBC used 24 Time(s)
Encrypt:
256 bit AES-256-CBC used 24 Time(s)
**Unmatched Entries**
Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA: 24 Time(s)
VERIFY OK: depth=0, C=US, ST=PA, L=Pittsburgh, O=Carnegie Mellon University, OU=Auton, CN=areas, name=changeme, emailAddress=predragp at andrew.cmu.edu: 24 Time(s)
VERIFY OK: depth=1, C=US, ST=PA, L=Pittsburgh, O=Carnegie Mellon University, OU=Auton, CN=changeme, name=changeme, emailAddress=predragp at andrew.cmu.edu: 24 Time(s)
---------------------- OpenVPN End -------------------------
--------------------- pam_unix Begin ------------------------
sshd:
Authentication Failures:
root (13.82.228.23): 9 Time(s)
root (124.227.113.23): 1 Time(s)
root (61.7.177.99): 1 Time(s)
root (89.190.203.54): 1 Time(s)
root (pda291c4f.aicint01.ap.so-net.ne.jp): 1 Time(s)
unknown (112.81.156.100): 1 Time(s)
unknown (77.73.65.164): 1 Time(s)
unknown (c-71-236-135-109.hsd1.or.comcast.net): 1 Time(s)
wherland (pool-173-75-1-236.pitbpa.fios.verizon.net): 1 Time(s)
Invalid Users:
Unknown Account: 13 Time(s)
---------------------- pam_unix End -------------------------
--------------------- Postfix Begin ------------------------
17.167K Bytes accepted 17,579
17.167K Bytes delivered 17,579
======== ================================================
2 Accepted 100.00%
-------- ------------------------------------------------
2 Total 100.00%
======== ================================================
2 Removed from queue
1 Sent via SMTP
1 Forwarded
1 Connection failure (outbound)
---------------------- Postfix End -------------------------
--------------------- SSHD Begin ------------------------
Disconnecting after too many authentication failures for user:
admin : 2 Time(s)
root : 3 Time(s)
Failed logins from:
13.82.228.23: 9 times
61.7.177.99: 6 times
89.190.203.54: 6 times
124.227.113.23: 1 time
218.41.28.79 (pda291c4f.aicint01.ap.so-net.ne.jp): 6 times
Illegal users from:
71.236.135.109 (c-71-236-135-109.hsd1.or.comcast.net): 6 times
77.73.65.164: 1 time
112.81.156.100: 6 times
Users logging in through sshd:
benediktb:
74.98.221.134 (pool-74-98-221-134.pitbpa.fios.verizon.net): 1 time
ckaffine:
98.239.129.163 (c-98-239-129-163.hsd1.pa.comcast.net): 3 times
predrag:
24.154.54.187 (dynamic-acs-24-154-54-187.zoominternet.net): 3 times
wherland:
173.75.1.236 (pool-173-75-1-236.pitbpa.fios.verizon.net): 1 time
Received disconnect:
11: Bye Bye : 9 Time(s)
11: disconnected by user : 7 Time(s)
Setting tty modes failed:
Invalid argument : 2 Time(s)
SFTP subsystem requests: 1 Time(s)
**Unmatched Entries**
PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.81.156.100 : 1 time(s)
PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=c-71-236-135-109.hsd1.or.comcast.net : 1 time(s)
PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=pda291c4f.aicint01.ap.so-net.ne.jp user=root : 1 time(s)
PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=89.190.203.54 user=root : 1 time(s)
PAM service(sshd) ignoring max retries; 6 > 3 : 5 time(s)
PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.7.177.99 user=root : 1 time(s)
---------------------- SSHD End -------------------------
--------------------- yum Begin ------------------------
Packages Updated:
GeoIP-GeoLite-data-2017.01-1.el6.noarch
GeoIP-GeoLite-data-extra-2017.01-1.el6.noarch
---------------------- yum End -------------------------
--------------------- Disk Space Begin ------------------------
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_loom-lv_root
50G 38G 9.2G 81% /
/dev/sda1 477M 216M 236M 48% /boot
/dev/mapper/vg_loom-lv_home
178G 50G 119G 30% /home
---------------------- Disk Space End -------------------------
###################### Logwatch End #########################