Logwatch for lake.auton.cs.cmu.edu (Linux)

punosevac72 at gmail.com
Mon Feb 6 04:48:16 EST 2017


 ################### Logwatch 7.3.6 (05/19/07) #################### 
        Processing Initiated: Mon Feb  6 04:48:15 2017
        Date Range Processed: yesterday
                              ( 2017-Feb-05 )
                              Period is day.
      Detail Level of Output: 0
              Type of Output: unformatted
           Logfiles for Host: lake.auton.cs.cmu.edu
  ################################################################## 
 
 --------------------- clam-update Begin ------------------------ 

 Last ClamAV update process started at Sun Feb  5 03:27:29 2017
 
 Last Status:
    main.cvd is up to date (version: 57, sigs: 4218790, f-level: 60, builder: amishhammer)
    nonblock_connect: connect timing out (30 secs)
    Can't connect to port 80 of host db.local.clamav.net (IP: 168.143.19.95)
    Trying host db.local.clamav.net (194.8.197.22)...
    Downloading daily-23001.cdiff [100%]
    Downloading daily-23002.cdiff [100%]
    Downloading daily-23003.cdiff [100%]
    Downloading daily-23004.cdiff [100%]
    Downloading daily-23005.cdiff [100%]
    daily.cld updated (version: 23005, sigs: 1508758, f-level: 63, builder: neo)
    bytecode.cld is up to date (version: 290, sigs: 55, f-level: 63, builder: neo)
    [LibClamAV] Detected duplicate databases /var/lib/clamav/main.cld and /var/lib/clamav/main.cvd. The /var/lib/clamav/main.cld database is older and will not be loaded, you should manually remove it from the database directory.
    Database updated (5727603 signatures) from db.local.clamav.net (IP: 194.8.197.22)
 
 ---------------------- clam-update End ------------------------- 

 
 --------------------- OpenVPN Begin ------------------------ 

 
 Ciphers used for Authentication:
    Data Channel:
       Decrypt:
          160 bit SHA1 used 24 Time(s)
       Encrypt:
          160 bit SHA1 used 24 Time(s)
 
 Ciphers used for Encryption:
    Data Channel:
       Decrypt:
          256 bit AES-256-CBC used 24 Time(s)
       Encrypt:
          256 bit AES-256-CBC used 24 Time(s)
 
 **Unmatched Entries**
    Control Channel: TLSv1.2, cipher TLSv1/SSLv3 DHE-RSA-AES256-GCM-SHA384, 1024 bit RSA: 24 Time(s)
    VERIFY OK: depth=0, C=US, ST=PA, L=Pittsburgh, O=Carnegie Mellon University, OU=Auton, CN=areas, name=changeme, emailAddress=predragp at andrew.cmu.edu: 24 Time(s)
    VERIFY OK: depth=1, C=US, ST=PA, L=Pittsburgh, O=Carnegie Mellon University, OU=Auton, CN=changeme, name=changeme, emailAddress=predragp at andrew.cmu.edu: 24 Time(s)
 
 ---------------------- OpenVPN End ------------------------- 

 
 --------------------- pam_unix Begin ------------------------ 

 sshd:
    Authentication Failures:
       igitman (pool-74-111-100-11.pitbpa.fios.verizon.net): 5 Time(s)
       unknown (218.17.179.149): 3 Time(s)
       igitman (igor-ubuntu.wv.cc.cmu.edu): 2 Time(s)
       root (218.17.179.149): 2 Time(s)
       wherland (williams-mbp-4.wv.cc.cmu.edu): 2 Time(s)
       kburleigh (uva-123-102.reshall.berkeley.edu): 1 Time(s)
       root (124.227.113.23): 1 Time(s)
       root (187-163-167-84.static.axtel.net): 1 Time(s)
       root (85.105.71.138): 1 Time(s)
       root (ool-44c61614.dyn.optonline.net): 1 Time(s)
       unknown (150.red-79-145-11.dynamicip.rima-tde.net): 1 Time(s)
       yjchoe (75-151-240-1-pennsylvania.hfc.comcastbusiness.net): 1 Time(s)
    Invalid Users:
       Unknown Account: 9 Time(s)
 
 
 ---------------------- pam_unix End ------------------------- 

 
 --------------------- Postfix Begin ------------------------ 

   14.423K  Bytes accepted                            14,769
   14.423K  Bytes delivered                           14,769
 ========   ================================================
 
        2   Accepted                                 100.00%
 --------   ------------------------------------------------
        2   Total                                    100.00%
 ========   ================================================
 
        2   Removed from queue    
        1   Sent via SMTP         
        1   Forwarded             
 
        1   Connection failure (outbound) 
 
 
 
 ---------------------- Postfix End ------------------------- 

 
 --------------------- Connections (secure-log) Begin ------------------------ 

 
 **Unmatched Entries**
    polkitd(authority=local): Operator of unix-session:/org/freedesktop/ConsoleKit/Session2 FAILED to authenticate to gain authorization for action org.freedesktop.packagekit.system-update for system-bus-name::1.43 [gpk-update-icon] (owned by unix-user:predrag): 1 Time(s)
 
 ---------------------- Connections (secure-log) End ------------------------- 

 
 --------------------- SSHD Begin ------------------------ 

 
 Disconnecting after too many authentication failures for user:
    root : 4 Time(s)
    usuario : 1 Time(s)
 
 Failed logins from:
    68.198.22.20 (ool-44c61614.dyn.optonline.net): 6 times
    85.105.71.138 (85.105.71.138.static.ttnet.com.tr): 6 times
    124.227.113.23: 6 times
    128.237.200.73: 1 time
    187.163.167.84 (187-163-167-84.static.axtel.net): 6 times
    218.17.179.149 (149.179.17.218.broad.sz.gd.dynamic.163data.com.cn): 2 times
 
 Illegal users from:
    79.145.11.150 (150.red-79-145-11.dynamicip.rima-tde.net): 6 times
    218.17.179.149 (149.179.17.218.broad.sz.gd.dynamic.163data.com.cn): 3 times
 
 Users logging in through sshd:
    ckaffine:
       98.239.129.163 (c-98-239-129-163.hsd1.pa.comcast.net): 5 times
    igitman:
       74.111.100.11 (pool-74-111-100-11.pitbpa.fios.verizon.net): 5 times
       128.237.213.209: 2 times
    kburleigh:
       169.229.123.102 (uva-123-102.ResHall.Berkeley.EDU): 1 time
    kkandasa:
       128.2.210.190 (gs13103.sp.cs.cmu.edu): 2 times
    predrag:
       24.154.54.187 (dynamic-acs-24-154-54-187.zoominternet.net): 2 times
    wherland:
       128.237.200.73: 2 times
    yjchoe:
       75.151.240.1 (75-151-240-1-Pennsylvania.hfc.comcastbusiness.net): 1 time
 
 
 Authentication refused:
    bad ownership or modes for file /zfsauton/home/kburleigh/.ssh/authorized_keys : 1 Time(s)
 
 
 Received disconnect:
    11: disconnected by user : 14 Time(s)
 
 Setting tty modes failed:
    Invalid argument : 2 Time(s)
 
 **Unmatched Entries**
 PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=187-163-167-84.static.axtel.net  user=root : 1 time(s)
 error: connect_to localhost port 8891: failed. : 20 time(s)
 PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.105.71.138  user=root : 1 time(s)
 PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=124.227.113.23  user=root : 1 time(s)
 reverse mapping checking getaddrinfo for 149.179.17.218.broad.sz.gd.dynamic.163data.com.cn [218.17.179.149] failed - POSSIBLE BREAK-IN ATTEMPT! : 5 time(s)
 PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=ool-44c61614.dyn.optonline.net  user=root : 1 time(s)
 PAM 5 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=150.red-79-145-11.dynamicip.rima-tde.net  : 1 time(s)
 reverse mapping checking getaddrinfo for 85.105.71.138.static.ttnet.com.tr [85.105.71.138] failed - POSSIBLE BREAK-IN ATTEMPT! : 1 time(s)
 PAM service(sshd) ignoring max retries; 6 > 3 : 5 time(s)
 
 ---------------------- SSHD End ------------------------- 

 
 --------------------- yum Begin ------------------------ 

 
 Packages Updated:
    opus-1.1.3-2.el6.x86_64
 
 ---------------------- yum End ------------------------- 

 
 --------------------- Disk Space Begin ------------------------ 

 Filesystem            Size  Used Avail Use% Mounted on
 /dev/mapper/vg_loom-lv_root
                        50G   38G  9.1G  81% /
 /dev/sda1             477M  216M  236M  48% /boot
 /dev/mapper/vg_loom-lv_home
                       178G   50G  119G  30% /home
 
 
 ---------------------- Disk Space End ------------------------- 

 
 ###################### Logwatch End ######################### 

 


More information about the Autonlab-sysinfo mailing list