659 lines
71 KiB
Plaintext
659 lines
71 KiB
Plaintext
första raden i loggen
|
|
Aug 23 18:39:24 nada fredrik[1713]: Kontrollrad. Syns detta har vi problem...
|
|
Mar 16 21:43:05 kvarnen named[8896]: master 66.23.226.92#53 (source 0.0.0.0#0) deleted from unreachable cache
|
|
Mar 16 21:43:05 kvarnen named[8896]: transfer of 'wahlberg.se/IN' from 66.23.226.92#53: connected using 95.170.86.14#37390
|
|
Mar 17 04:51:05 kvarnen freshclam[485]: Empty script main-56.cdiff, need to download entire database
|
|
Mar 17 04:51:48 kvarnen freshclam[485]: nonblock_recv: recv timing out (30 secs)
|
|
Mar 17 04:51:48 kvarnen freshclam[485]: WARNING: getfile: Download interrupted: Inappropriate ioctl for device (IP: 145.58.29.83)
|
|
Mar 17 04:51:48 kvarnen freshclam[485]: WARNING: Can't download main.cvd from db.local.clamav.net
|
|
Mar 17 04:51:48 kvarnen freshclam[485]: Trying again in 5 secs...
|
|
Mar 17 04:52:54 kvarnen freshclam[485]: Empty script main-56.cdiff, need to download entire database
|
|
Mar 17 04:53:24 kvarnen freshclam[485]: nonblock_recv: recv timing out (30 secs)
|
|
Mar 17 04:53:24 kvarnen freshclam[485]: WARNING: getfile: Error while reading database from db.local.clamav.net (IP: 194.109.6.97): Operation now in progress
|
|
Mar 17 04:53:24 kvarnen freshclam[485]: WARNING: Can't download main.cvd from db.local.clamav.net
|
|
Mar 17 04:53:24 kvarnen freshclam[485]: Trying again in 5 secs...
|
|
Mar 17 04:53:37 kvarnen freshclam[485]: WARNING: getfile: Error while reading database from db.local.clamav.net (IP: 217.19.16.188): Connection reset by peer
|
|
Mar 17 04:53:37 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
|
|
Mar 17 04:53:37 kvarnen freshclam[485]: connect_error: getsockopt(SO_ERROR): fd=4 error=111: Connection refused
|
|
Mar 17 04:54:07 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
|
|
Mar 17 04:54:07 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
|
|
Mar 17 04:54:07 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
|
|
Mar 17 04:54:07 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
|
|
Mar 17 04:54:07 kvarnen freshclam[485]: WARNING: Incremental update failed, trying to download main.cvd
|
|
Mar 17 04:54:37 kvarnen freshclam[485]: connect_error: getsockopt(SO_ERROR): fd=4 error=111: Connection refused
|
|
Mar 17 04:54:37 kvarnen freshclam[485]: WARNING: Can't download main.cvd from db.local.clamav.net
|
|
Mar 17 04:54:37 kvarnen freshclam[485]: Trying again in 5 secs...
|
|
Mar 17 04:54:44 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
|
|
Mar 17 04:54:44 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
|
|
Mar 17 04:54:44 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
|
|
Mar 17 04:54:44 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
|
|
Mar 17 04:54:44 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
|
|
Mar 17 04:54:44 kvarnen freshclam[485]: WARNING: Incremental update failed, trying to download main.cvd
|
|
Mar 17 05:02:18 kvarnen freshclam[485]: nonblock_recv: recv timing out (30 secs)
|
|
Mar 17 05:02:18 kvarnen freshclam[485]: WARNING: getfile: Download interrupted: Inappropriate ioctl for device (IP: 145.58.29.83)
|
|
Mar 17 05:02:18 kvarnen freshclam[485]: WARNING: Can't download main.cvd from db.local.clamav.net
|
|
Mar 17 05:02:18 kvarnen freshclam[485]: Trying again in 5 secs...
|
|
Mar 17 05:02:24 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from db.local.clamav.net
|
|
Mar 17 05:02:24 kvarnen freshclam[485]: ERROR: getpatch: Can't download main-56.cdiff from db.local.clamav.net
|
|
Mar 17 05:02:24 kvarnen freshclam[485]: WARNING: Incremental update failed, trying to download main.cvd
|
|
Mar 17 05:07:21 kvarnen freshclam[485]: nonblock_recv: recv timing out (30 secs)
|
|
Mar 17 05:07:21 kvarnen freshclam[485]: ERROR: getfile: Download interrupted: Inappropriate ioctl for device (IP: 145.58.29.83)
|
|
Mar 17 05:07:21 kvarnen freshclam[485]: ERROR: Can't download main.cvd from db.local.clamav.net
|
|
Mar 17 05:07:21 kvarnen freshclam[485]: Giving up on db.local.clamav.net...
|
|
Mar 17 05:07:22 kvarnen freshclam[485]: WARNING: getpatch: Can't download main-56.cdiff from database.clamav.net
|
|
Mar 17 05:07:22 kvarnen freshclam[485]: ERROR: getpatch: Can't download main-56.cdiff from database.clamav.net
|
|
Mar 17 05:07:22 kvarnen freshclam[485]: WARNING: Incremental update failed, trying to download main.cvd
|
|
Mar 17 05:07:22 kvarnen freshclam[485]: connect_error: getsockopt(SO_ERROR): fd=4 error=111: Connection refused
|
|
Mar 17 05:07:22 kvarnen freshclam[485]: Can't connect to port 80 of host database.clamav.net (IP: 145.58.29.83)
|
|
Mar 17 05:07:22 kvarnen freshclam[485]: Trying host database.clamav.net (213.73.255.243)...
|
|
Mar 17 05:07:52 kvarnen freshclam[485]: Can't connect to port 80 of host database.clamav.net (IP: 213.73.255.243)
|
|
Mar 17 05:07:52 kvarnen freshclam[485]: ERROR: Can't download main.cvd from database.clamav.net
|
|
Mar 17 05:07:52 kvarnen freshclam[485]: Giving up on database.clamav.net...
|
|
Mar 17 05:07:52 kvarnen freshclam[485]: Update failed. Your network may be down or none of the mirrors listed in /etc/clamav/freshclam.conf is working. Check http://www.clamav.net/doc/mirrors-faq.html for possible reasons.
|
|
Mar 17 06:27:00 kvarnen freshclam[485]: Downloading main.cvd [100%]
|
|
Mar 17 06:27:06 kvarnen freshclam[485]: WARNING: getfile: Unknown response from remote server (IP: 145.58.29.83)
|
|
Mar 17 06:30:26 kvarnen freshclam[485]: Update failed. Your network may be down or none of the mirrors listed in /etc/clamav/freshclam.conf is working. Check http://www.clamav.net/doc/mirrors-faq.html for possible reasons.
|
|
Mar 18 20:23:08 kvarnen dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=200.68.99.217, lip=95.170.86.14, session=<y+JQrVcuJwDIRGPZ>
|
|
Mar 20 11:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
|
|
Mar 21 00:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
|
|
Mar 21 01:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
|
|
Mar 21 02:40:01 kvarnen dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=200.68.99.217, lip=95.170.86.14, session=<ZBvPLIUufADIRGPZ>
|
|
Mar 21 02:40:02 kvarnen dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=200.68.99.217, lip=95.170.86.14, session=<vA/kLIUuLADIRGPZ>
|
|
Mar 21 02:40:04 kvarnen dovecot: pop3-login: Aborted login (tried to use disallowed plaintext auth): user=<>, rip=200.68.99.217, lip=95.170.86.14, session=<7uj4LIUuMQDIRGPZ>
|
|
Mar 21 02:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
|
|
Mar 21 03:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
|
|
Mar 21 04:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
|
|
Mar 21 05:52:56 kvarnen freshclam[485]: bytecode.cvd is up to date (version: 275, sigs: 45, f-level: 63, builder: amishhammer)
|
|
Mar 21 05:58:32 kvarnen named[8896]: zone happysthlm.se/IN: refresh: retry limit for master 66.23.226.92#53 exceeded (source 0.0.0.0#0)
|
|
Mar 21 05:58:39 kvarnen named[8896]: transfer of 'happysthlm.se/IN' from 66.23.226.92#53: connected using 95.170.86.14#33872
|
|
Mar 22 13:03:22 kvarnen dovecot: pop3-login: Disconnected (tried to use disallowed plaintext auth): user=<>, rip=218.29.231.21, lip=95.170.86.14, session=<zjjk/6EudwDaHecV>
|
|
Mar 22 13:03:26 kvarnen dovecot: pop3-login: Disconnected (tried to use disallowed plaintext auth): user=<>, rip=218.29.231.21, lip=95.170.86.14, session=<OsoiAKIu3ADaHecV>
|
|
Mar 22 13:03:29 kvarnen dovecot: pop3-login: Disconnected (tried to use disallowed plaintext auth): user=<>, rip=218.29.231.21, lip=95.170.86.14, session=<vGlWAKIu5QDaHecV>
|
|
Mar 22 15:00:30 kvarnen dovecot: imap-login: Aborted login (no auth attempts in 0 secs): user=<>, rip=188.138.1.218, lip=95.170.86.14, session=<ZMLXoqMuFwC8igHa>
|
|
Mar 22 13:31:42 nada sendmail[24653]: gethostbyaddr(127.0.0.2) failed: 1
|
|
Mar 22 18:05:16 nada sshd[29644]: Received disconnect from 91.193.74.7: 11: Bye [preauth]
|
|
Mar 23 02:41:44 nada spamd[19688]: pyzor: check failed: internal error, python traceback seen in response
|
|
Mar 23 05:48:21 nada auth: pam_krb5(dovecot:auth): authentication failure; logname=ammis@lubcke.se uid=0 euid=0 tty=dovecot ruser=ammis@lubcke.se rhost=182.68.167.174
|
|
Mar 23 05:48:21 nada auth: pam_unix(dovecot:auth): check pass; user unknown
|
|
Mar 23 05:48:21 nada auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=ammis@lubcke.se rhost=182.68.167.174
|
|
Mar 23 05:48:25 nada dovecot: imap-login: Aborted login (auth failed, 1 attempts in 4 secs): user=<ammis@lubcke.se>, method=PLAIN, rip=182.68.167.174, lip=66.23.226.92, TLS, session=<rVEJCrAubwC2RKeu>
|
|
Mar 23 07:01:37 nada spamd[14446]: pyzor: check failed: internal error, python traceback seen in response
|
|
Mar 23 10:07:56 nada sm-mta[20809]: u2N97qjp020809: hostby.ankas-group.net [46.161.40.200] (may be forged): possible SMTP attack: command=AUTH, count=5
|
|
Mar 23 07:34:37 kvarnen sshd[25479]: Disconnecting: Change of username or service not allowed: (vmware,ssh-connection) -> (a,ssh-connection) [preauth]
|
|
Mar 23 09:24:01 kvarnen sshd[19594]: Disconnecting: Change of username or service not allowed: (suser,ssh-connection) -> (user,ssh-connection) [preauth]
|
|
Mar 23 13:36:12 nada spamd[3731]: pyzor: check failed: internal error, python traceback seen in response
|
|
Mar 23 19:49:48 nada auth: pam_krb5(dovecot:auth): authentication failure; logname=petter@lidberg.se uid=0 euid=0 tty=dovecot ruser=petter@lidberg.se rhost=187.131.22.215
|
|
Mar 23 19:49:48 nada auth: pam_unix(dovecot:auth): check pass; user unknown
|
|
Mar 23 19:49:48 nada auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=petter@lidberg.se rhost=187.131.22.215
|
|
Mar 23 19:49:52 nada dovecot: imap-login: Aborted login (auth failed, 1 attempts in 4 secs): user=<petter@lidberg.se>, method=PLAIN, rip=187.131.22.215, lip=66.23.226.92, TLS, session=<K0NMy7sukQC7gxbX>
|
|
Mar 24 02:08:41 nada named[5002]: client 192.42.132.103#45345: notify question section contains no SOA
|
|
Mar 24 11:06:17 kvarnen sshd[5495]: channel 4: open failed: administratively prohibited: open failed
|
|
Mar 24 11:06:21 kvarnen sshd[5495]: channel 4: open failed: administratively prohibited: open failed
|
|
Mar 24 13:04:10 nada dovecot: imap(ninnie): Warning: Subscriptions file /home/ninnie/Maildir/subscriptions: Removing invalid entry: mail/sent-mail
|
|
Mar 24 13:04:10 nada dovecot: imap(ninnie): Warning: Subscriptions file /home/ninnie/Maildir/subscriptions: Removing invalid entry: mail/Trash
|
|
Mar 24 13:04:10 nada dovecot: imap(ninnie): Warning: Subscriptions file /home/ninnie/Maildir/subscriptions: Removing invalid entry: mail/Drafts
|
|
Mar 24 13:04:10 nada dovecot: imap(ninnie): Warning: Subscriptions file /home/ninnie/Maildir/subscriptions: Removing invalid entry: mail/mormors 100-&AOU-rsdag
|
|
Mar 24 14:05:39 nada sshd[16936]: Received disconnect from 91.193.74.7: 11: Bye [preauth]
|
|
Mar 24 18:13:26 nada auth: pam_krb5(dovecot:auth): authentication failure; logname=fredmiranda@mc-cabe.com uid=0 euid=0 tty=dovecot ruser=fredmiranda@mc-cabe.com rhost=41.105.13.141
|
|
Mar 24 18:13:26 nada auth: pam_unix(dovecot:auth): authentication failure; logname= uid=0 euid=0 tty=dovecot ruser=fredmiranda@mc-cabe.com rhost=41.105.13.141
|
|
Mar 25 05:10:17 nada sm-mta[16638]: u2P0LqlN016638: Milter (greylist): write(Q) returned -1, expected 5: Broken pipe
|
|
Mar 25 05:10:17 nada sm-mta[16638]: u2P0LqlN016638: Milter (greylist): to error state
|
|
Mar 25 05:10:17 nada sm-mta[16638]: u2P0LqlN016638: Milter (spamassassin): write(Q) returned -1, expected 5: Broken pipe
|
|
Mar 25 05:10:17 nada sm-mta[16638]: u2P0LqlN016638: Milter (spamassassin): to error state
|
|
Mar 25 05:10:17 nada sm-mta[16638]: u2P0LqlN016638: Milter (clamav): write(Q) returned -1, expected 5: Broken pipe
|
|
Mar 25 05:10:17 nada sm-mta[16638]: u2P0LqlN016638: Milter (clamav): to error state
|
|
Mar 25 19:44:04 nada sshd[20872]: Received disconnect from 91.193.74.33: 11: Bye [preauth]
|
|
Mar 26 06:57:05 nada spamd[10050]: spamd: server hit by SIGHUP, restarting
|
|
Mar 26 06:57:05 nada spamd[10050]: spamd: child [20105] killed successfully: interrupted, signal 2 (0002)
|
|
Mar 26 06:57:05 nada spamd[10050]: spamd: child [23926] killed successfully: interrupted, signal 2 (0002)
|
|
Mar 26 06:57:05 nada spamd.pid[10050]: spamd: restarting using '/usr/sbin/spamd --create-prefs --max-children 5 --helper-home-dir --user-config -d --pidfile=/var/run/spamd.pid'
|
|
Mar 26 06:57:06 nada spamd[17910]: server socket setup failed, retry 1: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
|
|
Mar 26 06:57:07 nada spamd[17910]: server socket setup failed, retry 2: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
|
|
Mar 26 06:57:08 nada spamd[17910]: server socket setup failed, retry 3: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
|
|
Mar 26 06:57:09 nada spamd[17905]: spamd: server started on port 783/tcp (running version 3.3.2)
|
|
Mar 26 06:57:09 nada spamd[17910]: server socket setup failed, retry 4: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
|
|
Mar 26 06:57:10 nada spamd[17910]: server socket setup failed, retry 5: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
|
|
Mar 26 06:57:11 nada spamd[17910]: server socket setup failed, retry 6: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
|
|
Mar 26 06:57:12 nada spamd[17910]: server socket setup failed, retry 7: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
|
|
Mar 26 06:57:13 nada spamd[17910]: server socket setup failed, retry 8: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
|
|
Mar 26 06:57:14 nada spamd[17910]: server socket setup failed, retry 9: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
|
|
Mar 26 06:57:15 nada spamd[17910]: spamd: could not create INET socket on 127.0.0.1:783: Address already in use
|
|
Mar 26 16:18:46 nada sshd[3298]: Received disconnect from 91.193.74.33: 11: Bye [preauth]
|
|
Mar 26 18:09:14 nada monit[5075]: 'localhost' 'localhost' cpu wait usage check succeeded [current cpu wait usage=0.0%]
|
|
Mar 26 21:45:26 nada named[5002]: validating @0xb82ba940: . NS: got insecure response; parent indicates it should be secure
|
|
Mar 26 21:45:26 nada named[5002]: managed-keys-zone ./IN: No DNSKEY RRSIGs found for '.': success
|
|
Mar 26 22:10:17 nada dovecot: pop3(ammis): Connection closed top=0/0, retr=29/1819516, del=0/73, size=4433634
|
|
Mar 26 18:09:14 nada monit[5075]: 'localhost' 'localhost' cpu wait usage check succeeded [current cpu wait usage=0.0%]
|
|
Mar 26 21:45:26 nada named[5002]: validating @0xb82ba940: . NS: got insecure response; parent indicates it should be secure
|
|
Mar 26 21:45:26 nada named[5002]: managed-keys-zone ./IN: No DNSKEY RRSIGs found for '.': success
|
|
Mar 26 22:10:17 nada dovecot: pop3(ammis): Connection closed top=0/0, retr=29/1819516, del=0/73, size=4433634
|
|
Mar 27 06:31:18 nada monit[5075]: 'clamav-milter' process PID changed from 26461 to 14050
|
|
Mar 27 06:33:18 nada monit[5075]: 'clamav-milter' process PID has not changed since last cycle
|
|
Mar 27 10:28:35 nada sshd[2326]: Received disconnect from 91.193.74.33: 11: Bye [preauth]
|
|
Mar 27 10:28:38 nada sshd[2328]: Received disconnect from 91.193.74.33: 11: Bye [preauth]
|
|
Mar 27 22:21:47 nada sm-mta[3607]: u2RKLiXq003607: ruleset=check_rcpt, arg1=eax_64@yahoo.com, relay=125-227-60-218.HINET-IP.hinet.net [125.227.60.218] (may be forged), reject=550 5.7.1 eax_64@yahoo.com... Relaying denied. IP name possibly forged [125.227.60.218]
|
|
Mar 28 06:34:18 nada sshd[16291]: Received disconnect from 91.193.74.33: 11: Bye [preauth]
|
|
Mar 28 10:48:05 nada spamd[17905]: prefork: server reached --max-children setting, consider raising it
|
|
Mar 30 03:49:50 nada sshd[9974]: Received disconnect from 125.212.232.159: 11: Closed due to user request. [preauth]
|
|
Mar 30 13:04:11 nada sm-mta[30164]: STARTTLS=client, relay=mailgw.swip.net., field=cn_subject, status=failed to extract CN
|
|
Mar 30 14:57:07 nada sshd[8420]: error: PAM: Cannot make/remove an entry for the specified session for illegal user admin from d5152db40.static.telenet.be
|
|
Mar 30 14:57:09 nada sshd[8420]: error: PAM: Cannot make/remove an entry for the specified session for illegal user admin from d5152db40.static.telenet.be
|
|
Mar 30 15:36:53 nada sm-mta[12291]: u2U9XkgT020620: u2UDarTR012291: sender notify: Warning: could not send message for past 4 hours
|
|
Mar 30 19:01:40 nada sm-mta[30590]: u2UGiH7o030590: collect: premature EOM: No route to host
|
|
Mar 30 20:47:04 nada sm-mta[9603]: STARTTLS=client, relay=mail-gw01.fsdata.se., version=TLSv1/SSLv3, verify=FAIL, cipher=RC4-SHA, bits=128/128
|
|
Mar 30 20:59:38 nada dovecot: imap(katarina): Disconnected: Disconnected in=139 out=8902
|
|
Apr 1 06:03:28 nada dovecot: imap(gregory): Disconnected: Disconnected in=219 out=22999
|
|
Apr 4 01:58:18 nada sm-mta[23839]: u33Nw9KS023839: Milter: to=webmex@hotmail.com%nada.wahlberg.se, reject=451 4.7.1 Greylisting in action, please come back later
|
|
Apr 3 12:26:03 nada sshd[15236]: Received disconnect from 125.212.232.83: 11: Closed due to user request. [preauth]
|
|
Apr 3 10:49:36 nada named[5002]: managed-keys-zone ./IN: Unable to fetch DNSKEY set 'dlv.isc.org': SERVFAIL
|
|
Apr 2 22:49:14 nada named[5002]: managed-keys-zone ./IN: Unable to fetch DNSKEY set 'dlv.isc.org': SERVFAIL
|
|
Apr 2 22:58:50 nada sshd[3878]: Received disconnect from 91.197.232.30: 11: Bye [preauth]
|
|
Apr 2 06:38:03 nada spamd[16362]: rules: failed to run NO_DNS_FOR_FROM RBL test, skipping:
|
|
Apr 5 22:05:33 nada sshd[14320]: Received disconnect from 91.197.232.30: 11: Bye [preauth]
|
|
Apr 5 22:05:35 nada sshd[14322]: Received disconnect from 91.197.232.30: 11: Bye [preauth]
|
|
Apr 6 15:59:18 nada sshd[17076]: Received disconnect from 91.197.232.30: 11: Bye [preauth]
|
|
Apr 6 15:59:21 nada sshd[17078]: Received disconnect from 91.197.232.30: 11: Bye [preauth]
|
|
Apr 6 17:17:53 nada dovecot: imap(gertie): Disconnected in APPEND (1 msgs, 0 secs, 0/44908 bytes) in=884034 out=368982
|
|
Apr 7 05:56:43 kvarnen sshd[2034]: error: Received disconnect from 212.83.191.8: 3: com.jcraft.jsch.JSchException: Auth fail [preauth]
|
|
Apr 7 13:59:42 nada sshd[19013]: Received disconnect from 2.234.148.20: 11: ok [preauth]
|
|
Apr 9 09:51:26 nada sm-mta[6169]: u397pP13006169: rejecting commands from [113.240.250.156] [113.240.250.156] due to pre-greeting traffic after 1 seconds
|
|
Apr 8 19:43:15 kvarnen freshclam[485]: Empty script bytecode-276.cdiff, need to download entire database
|
|
Apr 8 19:43:15 kvarnen freshclam[485]: Downloading bytecode.cvd [100%]
|
|
Apr 8 19:43:15 kvarnen freshclam[485]: bytecode.cvd updated (version: 276, sigs: 46, f-level: 63, builder: amishhammer)
|
|
Apr 10 20:46:18 nada sshd[6046]: pam_unix(sshd:auth): conversation failed
|
|
Apr 10 20:50:19 nada sshd(pam_google_authenticator)[6490]: Trying to reuse a previously used time-based code. Retry again in 30 seconds. Warning! This might mean, you are currently subject to a man-in-the-middle attack.
|
|
Apr 10 20:50:33 nada sshd[6491]: pam_unix(sshd:auth): conversation failed
|
|
Apr 10 20:50:44 nada sshd(pam_google_authenticator)[6494]: Trying to reuse a previously used time-based code. Retry again in 30 seconds. Warning! This might mean, you are currently subject to a man-in-the-middle attack.
|
|
Apr 10 20:50:57 nada sshd(pam_google_authenticator)[6501]: Trying to reuse a previously used time-based code. Retry again in 30 seconds. Warning! This might mean, you are currently subject to a man-in-the-middle attack.
|
|
Apr 10 20:50:58 nada sshd[6501]: pam_unix(sshd:auth): conversation failed
|
|
Apr 11 15:54:13 nada named[5002]: validating @0xb83c76e0: . NS: got insecure response; parent indicates it should be secure
|
|
Apr 13 09:42:28 kvarnen saslauthd[620]: pam_unix(:auth): check pass; user unknown
|
|
Apr 13 09:42:28 kvarnen saslauthd[620]: pam_unix(:auth): authentication failure; logname= uid=0 euid=0 tty= ruser= rhost=
|
|
Apr 13 09:42:29 kvarnen saslauthd[620]: do_auth : auth failure: [user=test] [service=] [realm=] [mech=pam] [reason=PAM auth error]
|
|
Apr 14 11:05:05 nada sm-mta[15662]: u3E955KV015662: li1068-122.members.linode.com [106.184.3.122]: probable open proxy: command=GET http://www.ipip.net/ HTTP/1.1\r\n
|
|
Apr 15 10:19:48 nada sm-mta[23177]: u3F8JhXs023173: u3F8JmXr023177: DSN: Service unavailable
|
|
Apr 15 10:25:06 nada sm-mta[23906]: u3F8P26J023665: u3F8P66I023906: DSN: Service unavailable
|
|
Apr 15 17:29:00 nada sm-mta[687]: u3FFSq2F000687: collect: premature EOM: Connection reset by 99-198-26-191.cust.wildblue.net
|
|
Apr 15 19:27:33 nada saslauthd[1732]: do_auth : auth failure: [user=backuppc ] [service=smtp] [realm=wahlberg.se] [mech=shadow] [reason=Unknown]
|
|
Apr 18 09:23:16 nada saslauthd[1734]: do_auth : auth failure: [user=backuppc ] [service=smtp] [realm=wahlberg.se] [mech=shadow] [reason=Unknown]
|
|
Apr 18 11:07:40 nada sm-mta[22391]: u3I87Z3E022391: collect: premature EOM: Connection timed out with rs-mta-31.anpdm.com
|
|
Apr 18 18:27:55 nada sm-mta[6940]: u3IGRtDq006940: li1068-122.members.linode.com [106.184.3.122]: probable open proxy: command=GET http://www.ipip.net/ HTTP/1.1\r\n
|
|
Apr 19 21:14:31 nada suhosin[28060]: ALERT - ASCII-NUL chars not allowed within request variables - dropped variable 'file' (attacker '62.210.203.159', file '/home/happysthlm/www.happysthlm.se/index.php')
|
|
Apr 20 12:25:05 nada dovecot: imap(kajsa): Disconnected: EOF while appending in=413894 out=733
|
|
Apr 20 15:10:44 nada sm-mta[5182]: u3KDAiZT005182: li1068-122.members.linode.com [106.184.3.122]: probable open proxy: command=GET / HTTP/1.1\r\n
|
|
Apr 20 15:10:50 nada sm-mta[5183]: u3KDAo2M005183: li1068-122.members.linode.com [106.184.3.122]: probable open proxy: command=GET http://www.ipip.net/ HTTP/1.1\r\n
|
|
Apr 21 16:11:24 nada sshd[20234]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=host.94.220.181.95.rev.numer.gy user=root
|
|
Apr 21 22:40:41 nada saslauthd[1732]: do_auth : auth failure: [user=backuppc ] [service=smtp] [realm=wahlberg.se] [mech=shadow] [reason=Unknown]
|
|
Apr 22 14:23:22 nada sshd[19599]: subsystem request for sftp by user petter
|
|
Apr 23 21:41:58 nada saslauthd[1735]: do_auth : auth failure: [user=backuppc ] [service=smtp] [realm=wahlberg.se] [mech=shadow] [reason=Unknown]
|
|
Apr 27 00:44:20 nada spamd[23159]: razor2: razor2 check failed: Invalid argument razor2: razor2 had unknown error during get_server_info at /usr/share/perl5/Mail/SpamAssassin/Plugin/Razor2.pm line 185. at /usr/share/perl5/Mail/SpamAssassin/Plugin/Razor2.pm line 325.
|
|
Apr 27 14:28:26 nada dovecot: pop3(kajsa): Disconnected for inactivity top=0/0, retr=0/0, del=0/67, size=5179534
|
|
Apr 27 12:36:48 kvarnen sshd[26292]: Bad protocol version identification 'GET / HTTP/1.1' from 106.184.2.29 port 63976
|
|
Apr 27 12:36:56 kvarnen sshd[26293]: Bad protocol version identification 'GET http://clientapi.ipip.net/echo.php?info=20160427185402 HTTP/1.1' from 106.184.2.29 port 7680
|
|
Apr 28 06:41:57 nada sm-mta[11484]: u3S4fvP5011484: li1068-122.members.linode.com [106.184.3.122]: probable open proxy: command=GET / HTTP/1.1\r\n
|
|
May 11 01:17:42 kvarnen sshd[14739]: fatal: Unable to negotiate a key exchange method [preauth]
|
|
May 10 19:21:13 nada sshd[5327]: subsystem request for sftp by user petter
|
|
May 10 13:57:54 nada dovecot: pop3(kajsa): Disconnected for inactivity top=0/0, retr=0/0, del=0/91, size=19989948
|
|
May 9 21:06:23 nada sm-mta[8993]: u49J6NYD008993: li1068-122.members.linode.com [106.184.3.122]: probable open proxy: command=GET / HTTP/1.1\r\n
|
|
May 6 11:19:15 kvarnen sshd[24101]: fatal: Unable to negotiate a key exchange method [preauth]
|
|
May 5 10:08:49 nada sshd[4523]: fatal: no hostkey alg [preauth]
|
|
May 3 16:54:08 nada spamd[18801]: razor2: razor2 check failed: Invalid argument razor2: razor2 had unknown error during get_server_info at /usr/share/perl5/Mail/SpamAssassin/Plugin/Razor2.pm line 185. at /usr/share/perl5/Mail/SpamAssassin/Plugin/Razor2.pm line 325.
|
|
May 11 19:13:29 nada sshd[10882]: input_userauth_request: invalid user ai_luat [preauth]
|
|
May 11 19:13:29 nada sshd[10882]: pam_krb5(sshd:auth): authentication failure; logname=ai_luat uid=0 euid=0 tty=ssh ruser= rhost=218.200.188.213
|
|
May 13 16:59:50 kvarnen sshd[21380]: Bad protocol version identification '' from 171.13.14.52 port 59637
|
|
May 14 10:15:47 nada sshd[26005]: Received disconnect from 115.239.230.223: 11: disconnect [preauth]
|
|
May 15 03:18:15 nada sshd[23461]: input_userauth_request: invalid user .php [preauth]
|
|
May 15 03:18:15 nada sshd[23461]: pam_krb5(sshd:auth): authentication failure; logname=.php uid=0 euid=0 tty=ssh ruser= rhost=59.0.85.43
|
|
May 27 23:53:37 nada sshd[499]: input_userauth_request: invalid user tbs\\r [preauth]
|
|
May 27 23:53:37 nada sshd[499]: pam_krb5(sshd:auth): authentication failure; logname=tbs#015 uid=0 euid=0 tty=ssh ruser= rhost=58.117.82.210
|
|
May 28 00:22:32 nada sshd[4355]: input_userauth_request: invalid user oliver\\r [preauth]
|
|
May 28 00:22:32 nada sshd[4355]: pam_krb5(sshd:auth): authentication failure; logname=oliver#015 uid=0 euid=0 tty=ssh ruser= rhost=58.117.82.210
|
|
Jun 25 12:58:28 kvarnen freshclam[15554]: WARNING: getfile: Unknown response from db.local.clamav.net (IP: 145.58.29.83)
|
|
Jun 25 16:58:32 kvarnen freshclam[15554]: WARNING: getfile: daily-21788.cdiff not found on db.local.clamav.net (IP: 217.19.16.188)
|
|
Jun 25 17:16:28 nada sshd[7066]: input_userauth_request: invalid user secret\\r [preauth]
|
|
Jun 25 17:26:26 nada sshd[7935]: input_userauth_request: invalid user user\\r [preauth]
|
|
Aug 16 19:28:06 nada sshd[12135]: Postponed keyboard-interactive/pam for invalid user admin from 75.149.180.141 port 65264 ssh2 [preauth]
|
|
Aug 16 21:57:30 nada sshd[26976]: Postponed keyboard-interactive/pam for invalid user support from 103.207.36.244 port 59302 ssh2 [preauth]
|
|
Aug 17 10:52:11 nada sshd[24804]: Received disconnect from 89.97.55.33: 11: disconnected by user [preauth]
|
|
Aug 23 06:06:16 nada suhosin[4003]: ALERT - configured GET variable value length limit exceeded - dropped variable 'page' (attacker '216.172.189.152', file '/home/fredrik/www.wahlis.com/dnsupdate/man.php')
|
|
Oct 13 08:31:17 kvarnen systemd[1]: Starting Cleanup of Temporary Directories...
|
|
Oct 13 08:31:17 kvarnen systemd[1]: Started Cleanup of Temporary Directories.
|
|
Aug 23 18:39:24 nada saslauthd[1713]: do_request : NULL login received
|
|
Oct 24 06:04:11 nada sm-mta[7813]: STARTTLS=client, error: connect failed=-1, SSL_error=1, errno=0, retry=-1
|
|
Oct 24 06:04:11 nada sm-mta[7813]: STARTTLS=client: 7813:error:1407741A:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert decode error:s23_clnt.c:757:
|
|
Oct 24 06:04:11 nada sm-mta[7813]: ruleset=tls_server, arg1=SOFTWARE, relay=mail.adlibris.com, reject=403 4.7.0 TLS handshake failed.
|
|
Oct 24 06:33:25 nada sshd[10577]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-68-161-233-215.ny325.east.verizon.net user=lp
|
|
Oct 24 17:54:12 nada sm-mta[11900]: STARTTLS=client: 11900:error:1407741A:SSL routines:SSL23_GET_SERVER_HELLO:tlsv1 alert decode error:s23_clnt.c:757:
|
|
Nov 3 00:10:37 nada sshd[29893]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=host26-153-static.37-88-b.business.telecomitalia.it user=root
|
|
Nov 3 03:00:15 nada sshd[12808]: PAM 2 more authentication failures; logname= uid=0 euid=0 tty=ssh ruser= rhost=static-200-105-158-166.acelerate.net user=root
|
|
Feb 28 06:10:08 nada sshd[15753]: Disconnecting: Too many authentication failures for support [preauth]
|
|
Feb 28 08:37:12 nada sshd[30563]: Disconnecting: Too many authentication failures for mother [preauth]
|
|
Feb 28 11:10:33 nada sshd[15274]: Disconnecting: Too many authentication failures for usuario [preauth]
|
|
Feb 28 11:29:39 nada sshd[17072]: Disconnecting: Too many authentication failures for admin [preauth]
|
|
Feb 27 16:45:52 nada sshd[2023]: Received disconnect from 74.208.146.17: 3: com.jcraft.jsch.JSchException: Auth cancel [preauth]
|
|
Feb 28 03:09:57 nada sshd[30462]: Received disconnect from 47.89.188.218: 3: com.jcraft.jsch.JSchException: Auth cancel [preauth]
|
|
Mar 1 09:28:37 nada sshd[4919]: Postponed keyboard-interactive/pam for root from 218.65.30.43 port 23516 ssh2 [preauth]
|
|
Mar 1 09:28:40 nada sshd[4919]: Postponed keyboard-interactive/pam for root from 218.65.30.43 port 23516 ssh2 [preauth]
|
|
Mar 1 09:28:43 nada sshd[4919]: Postponed keyboard-interactive/pam for root from 218.65.30.43 port 23516 ssh2 [preauth]
|
|
Mar 1 09:29:01 nada sshd[4939]: Postponed keyboard-interactive/pam for root from 218.65.30.43 port 58713 ssh2 [preauth]
|
|
Mar 1 03:03:26 nada sshd[28313]: fatal: Write failed: Broken pipe [preauth]
|
|
Mar 2 07:21:44 nada spamc[16024]: connect to spamd on 127.0.0.1 failed, retrying (#1 of 3): Connection refused
|
|
Mar 2 14:16:53 marconi sshd[4282]: Connection closed by 163.172.210.106 port 56708 [preauth]
|
|
Mar 2 13:42:26 marconi sshd[25003]: Received disconnect from 155.4.131.66 port 2983:11: disconnected by user
|
|
Mar 2 13:42:26 marconi sshd[25003]: Disconnected from 155.4.131.66 port 2983
|
|
Mar 2 17:16:35 marconi systemd-logind[1241]: New session 85612 of user fredrik.
|
|
Mar 2 17:16:35 marconi systemd-logind[1241]: Removed session 85603.
|
|
Mar 2 16:25:24 marconi dhclient[22777]: bound to 192.168.1.118 -- renewal in 30618 seconds.
|
|
Mar 2 17:00:04 marconi sshd[31419]: Received disconnect from 116.31.116.18 port 20137:11: [preauth]
|
|
Mar 2 13:32:26 marconi sshd[21878]: Received disconnect from 155.4.131.66 port 2982:11: disconnected by user
|
|
Mar 2 13:26:35 marconi sshd[22990]: Accepted publickey for fredrik from 155.4.131.66 port 2984 ssh2: RSA SHA256:nN4hIQerkj/cftGXDuAmeiduRLomIKBSxT0ssoPTysc
|
|
Mar 2 14:05:55 marconi sshd[1776]: Disconnected from 116.31.116.18 port 61532 [preauth]
|
|
Mar 2 14:16:35 marconi sshd[1828]: Disconnected from 155.4.131.66 port 2982
|
|
Mar 2 17:04:13 marconi sshd[1368]: Disconnecting: Too many authentication failures [preauth]
|
|
Mar 2 13:25:14 marconi smartd[17895]: Device: /dev/sdc [SAT], 1 Currently unreadable (pending) sectors
|
|
Mar 2 13:25:14 marconi smartd[17895]: Device: /dev/sdc [SAT], 1 Offline uncorrectable sectors
|
|
Mar 2 13:25:14 marconi smartd[17895]: Device: /dev/sdc [SAT], Failed SMART usage Attribute: 184 End-to-End_Error.
|
|
Mar 2 16:25:24 marconi dhclient[22777]: DHCPACK of 192.168.1.118 from 192.168.1.1
|
|
Mar 2 16:25:24 marconi dhclient[22777]: DHCPREQUEST of 192.168.1.118 on enp4s0 to 192.168.1.1 port 67 (xid=0x74f7120)
|
|
Mar 2 17:00:24 marconi sshd[556]: Connection reset by 119.147.115.37 port 1841 [preauth]
|
|
Mar 2 14:07:17 marconi sshd[1863]: Received disconnect from 116.31.116.18 port 60507:11: [preauth]
|
|
Mar 2 14:16:35 marconi sshd[1828]: Received disconnect from 155.4.131.66 port 2982:11: disconnected by user
|
|
Mar 2 14:06:35 marconi sshd[1797]: Accepted publickey for fredrik from 155.4.131.66 port 2982 ssh2: RSA SHA256:nN4hIQerkj/cftGXDuAmeiduRLomIKBSxT0ssoPTysc
|
|
Mar 2 14:12:26 marconi sshd[679]: Received disconnect from 155.4.131.66 port 2983:11: disconnected by user
|
|
Mar 2 14:16:51 marconi sshd[4277]: Connection closed by 163.172.210.106 port 14388 [preauth]
|
|
Mar 2 17:07:35 marconi sshd[2635]: Connection reset by 119.147.115.37 port 1070 [preauth]
|
|
Mar 2 16:26:52 marconi sshd[22218]: Connection reset by 119.147.115.37 port 4993 [preauth]
|
|
Mar 2 14:12:26 marconi sshd[679]: Disconnected from 155.4.131.66 port 2983
|
|
Mar 2 17:04:13 marconi sshd[1368]: error: maximum authentication attempts exceeded for root from 39.173.242.89 port 61397 ssh2 [preauth]
|
|
Mar 2 14:02:26 marconi sshd[648]: Accepted publickey for fredrik from 155.4.131.66 port 2983 ssh2: RSA SHA256:nN4hIQerkj/cftGXDuAmeiduRLomIKBSxT0ssoPTysc
|
|
Mar 2 16:25:24 marconi nm-dispatcher: req:1 'dhcp4-change' [enp4s0]: new request (1 scripts)
|
|
Mar 2 16:25:24 marconi nm-dispatcher: req:1 'dhcp4-change' [enp4s0]: start running ordered scripts...
|
|
Mar 2 13:31:22 marconi sshd[24935]: error: maximum authentication attempts exceeded for root from 14.155.151.175 port 49156 ssh2 [preauth]
|
|
Mar 2 13:23:45 marconi systemd[1]: Started CUPS Scheduler.
|
|
Mar 2 16:25:24 marconi systemd[1]: Started Network Manager Script Dispatcher Service.
|
|
Mar 2 17:16:35 marconi systemd[1]: Started Session 85612 of user fredrik.
|
|
Mar 2 16:25:24 marconi systemd[1]: Starting Network Manager Script Dispatcher Service...
|
|
Mar 2 13:32:26 marconi sshd[21878]: Disconnected from 155.4.131.66 port 2982
|
|
Mar 2 13:31:22 marconi sshd[24935]: Disconnecting: Too many authentication failures [preauth]
|
|
Mar 2 16:25:24 marconi dbus[1185]: [system] Activating via systemd: service name='org.freedesktop.nm_dispatcher' unit='dbus-org.freedesktop.nm-dispatcher.service'
|
|
Mar 2 16:25:24 marconi dbus[1185]: [system] Successfully activated service 'org.freedesktop.nm_dispatcher'
|
|
Mar 2 16:48:02 marconi telldusd: Execute a TellStick Action for device 1
|
|
Mar 2 16:49:02 marconi telldusd: Execute a TellStick Action for device 2
|
|
Mar 2 16:48:02 marconi telldusd: Execute a TellStick Action for device 3
|
|
Mar 2 20:18:14 marconi sshd[31811]: Received disconnect from 72.167.13.11 port 32867:11: Bye Bye [preauth]
|
|
Mar 2 20:33:25 marconi sshd[3723]: fatal: Unable to negotiate with 103.207.39.105 port 59502: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth]
|
|
Mar 2 20:51:23 marconi sshd[8330]: error: maximum authentication attempts exceeded for invalid user admin from 182.45.153.221 port 54407 ssh2 [preauth]
|
|
Feb 27 16:18:14 marconi sshd[30894]: Accepted publickey for fredrik from 213.153.113.136 port 60681 ssh2: RSA SHA256:wtbGEMuojY+6IMUyU8t0rkg4bZoxeb07q1PqctZODzQ
|
|
Feb 27 18:16:55 marconi sshd[30123]: fatal: mm_answer_moduli: bad parameters: 2048 2048 1024
|
|
Feb 28 03:15:06 marconi sshd[9243]: Accepted publickey for root from 66.23.226.92 port 35645 ssh2: RSA SHA256:Z0G8XQQjwahIdAJmj/DA0j29v+zA2v17C4b0rvOV6Nw
|
|
Feb 28 03:17:11 marconi systemd: pam_unix(systemd-user:session): session opened for user root by (uid=0)
|
|
Feb 28 03:17:18 marconi systemd: pam_unix(systemd-user:session): session closed for user root
|
|
Mar 2 22:01:02 marconi systemd[1]: Starting Daily apt activities...
|
|
Mar 2 22:01:04 marconi systemd[1]: Started Daily apt activities.
|
|
Mar 2 22:01:04 marconi systemd[1]: apt-daily.timer: Adding 6h 5min 38.342426s random time.
|
|
Mar 2 22:01:04 marconi systemd[1]: apt-daily.timer: Adding 6h 2min 20.962257s random time.
|
|
Mar 3 06:21:50 marconi named[27570]: client 106.185.43.131#50963: message parsing failed: unexpected end of input
|
|
Mar 3 07:30:02 marconi systemd[1]: Started Run anacron jobs.
|
|
Mar 3 07:36:04 marconi systemd[1]: Reloading The Apache HTTP Server.
|
|
Mar 3 07:36:06 marconi systemd[1]: Reloaded The Apache HTTP Server.
|
|
Mar 3 07:36:06 marconi systemd[1]: Stopping Make remote CUPS printers available locally...
|
|
Mar 3 07:36:06 marconi systemd[1]: Stopped Make remote CUPS printers available locally.
|
|
Mar 3 07:36:06 marconi systemd[1]: Stopping CUPS Scheduler...
|
|
Mar 3 07:36:06 marconi systemd[1]: Stopped CUPS Scheduler.
|
|
Mar 3 07:36:07 marconi systemd[1]: Started Make remote CUPS printers available locally.
|
|
Mar 3 03:15:04 marconi systemd[1]: Created slice User Slice of root.
|
|
Mar 3 03:15:04 marconi systemd[1]: Starting User Manager for UID 0...
|
|
Mar 3 03:15:06 marconi systemd[17958]: Reached target Paths.
|
|
Mar 3 03:15:06 marconi systemd[17958]: Reached target Timers.
|
|
Mar 3 03:15:06 marconi systemd[17958]: Reached target Sockets.
|
|
Mar 3 03:15:06 marconi systemd[17958]: Reached target Basic System.
|
|
Mar 3 03:15:06 marconi systemd[17958]: Reached target Default.
|
|
Mar 3 03:15:06 marconi systemd[17958]: Startup finished in 665ms.
|
|
Mar 3 03:15:06 marconi systemd[1]: Started User Manager for UID 0.
|
|
Mar 3 03:15:07 marconi systemd[1]: Stopping User Manager for UID 0...
|
|
Mar 3 03:15:07 marconi systemd[17958]: Reached target Shutdown.
|
|
Mar 3 03:15:07 marconi systemd[17958]: Starting Exit the Session...
|
|
Mar 3 03:15:07 marconi systemd[17958]: Stopped target Default.
|
|
Mar 3 03:15:07 marconi systemd[17958]: Stopped target Basic System.
|
|
Mar 3 03:15:07 marconi systemd[17958]: Stopped target Timers.
|
|
Mar 3 03:15:07 marconi systemd[17958]: Stopped target Sockets.
|
|
Mar 3 03:15:07 marconi systemd[17958]: Stopped target Paths.
|
|
Mar 3 03:15:07 marconi systemd[17958]: Received SIGRTMIN+24 from PID 18190 (kill).
|
|
Mar 3 03:15:07 marconi systemd[1]: Stopped User Manager for UID 0.
|
|
Mar 3 03:15:07 marconi systemd[1]: Removed slice User Slice of root.
|
|
Mar 3 03:15:08 marconi systemd[1]: Created slice User Slice of root.
|
|
Mar 3 03:15:08 marconi systemd[1]: Starting User Manager for UID 0...
|
|
Mar 3 03:15:09 marconi systemd[18209]: Reached target Paths.
|
|
Mar 3 03:15:09 marconi systemd[18209]: Reached target Timers.
|
|
Mar 3 03:15:09 marconi systemd[18209]: Reached target Sockets.
|
|
Mar 3 03:15:09 marconi systemd[18209]: Reached target Basic System.
|
|
Mar 3 03:15:09 marconi systemd[18209]: Reached target Default.
|
|
Mar 3 03:15:09 marconi systemd[18209]: Startup finished in 124ms.
|
|
Mar 3 03:15:09 marconi systemd[1]: Started User Manager for UID 0.
|
|
Mar 3 03:17:28 marconi systemd[1]: Stopping User Manager for UID 0...
|
|
Mar 3 03:17:28 marconi systemd[18209]: Reached target Shutdown.
|
|
Mar 3 03:17:28 marconi systemd[18209]: Starting Exit the Session...
|
|
Mar 3 03:17:28 marconi systemd[18209]: Stopped target Default.
|
|
Mar 3 03:17:28 marconi systemd[18209]: Stopped target Basic System.
|
|
Mar 3 03:17:28 marconi systemd[18209]: Stopped target Paths.
|
|
Mar 3 03:17:28 marconi systemd[18209]: Stopped target Sockets.
|
|
Mar 3 03:17:28 marconi systemd[18209]: Stopped target Timers.
|
|
Mar 3 03:17:29 marconi systemd[18209]: Received SIGRTMIN+24 from PID 19176 (kill).
|
|
Mar 3 03:17:29 marconi systemd[1]: Stopped User Manager for UID 0.
|
|
Mar 3 03:17:29 marconi systemd[1]: Removed slice User Slice of root.
|
|
Mar 3 03:17:29 marconi systemd[1]: Created slice User Slice of root.
|
|
Mar 3 03:17:29 marconi systemd[1]: Starting User Manager for UID 0...
|
|
Mar 3 03:17:30 marconi systemd[19182]: Reached target Paths.
|
|
Mar 3 03:17:30 marconi systemd[19182]: Reached target Timers.
|
|
Mar 3 03:17:30 marconi systemd[19182]: Reached target Sockets.
|
|
Mar 3 03:17:30 marconi systemd[19182]: Reached target Basic System.
|
|
Mar 3 03:17:30 marconi systemd[19182]: Reached target Default.
|
|
Mar 3 03:17:30 marconi systemd[19182]: Startup finished in 526ms.
|
|
Mar 3 03:17:30 marconi systemd[1]: Started User Manager for UID 0.
|
|
Mar 3 03:17:42 marconi systemd[1]: Stopping User Manager for UID 0...
|
|
Mar 3 03:17:42 marconi systemd[19182]: Reached target Shutdown.
|
|
Mar 3 03:17:42 marconi systemd[19182]: Stopped target Default.
|
|
Mar 3 03:17:42 marconi systemd[19182]: Stopped target Basic System.
|
|
Mar 3 03:17:42 marconi systemd[19182]: Stopped target Paths.
|
|
Mar 3 03:17:42 marconi systemd[19182]: Stopped target Sockets.
|
|
Mar 3 03:17:42 marconi systemd[19182]: Stopped target Timers.
|
|
Mar 3 03:17:42 marconi systemd[19182]: Starting Exit the Session...
|
|
Mar 3 03:17:42 marconi systemd[19182]: Received SIGRTMIN+24 from PID 19222 (kill).
|
|
Mar 3 03:17:42 marconi systemd[1]: Stopped User Manager for UID 0.
|
|
Mar 3 03:17:42 marconi systemd[1]: Removed slice User Slice of root.
|
|
Mar 3 03:17:43 marconi systemd[1]: Created slice User Slice of root.
|
|
Mar 3 03:17:43 marconi systemd[1]: Starting User Manager for UID 0...
|
|
Mar 3 03:17:43 marconi systemd[19230]: Reached target Timers.
|
|
Mar 3 03:17:43 marconi systemd[19230]: Reached target Sockets.
|
|
Mar 3 03:17:43 marconi systemd[19230]: Reached target Paths.
|
|
Mar 3 03:17:43 marconi systemd[19230]: Reached target Basic System.
|
|
Mar 3 03:17:43 marconi systemd[19230]: Reached target Default.
|
|
Mar 3 03:17:43 marconi systemd[19230]: Startup finished in 85ms.
|
|
Mar 3 03:17:43 marconi systemd[1]: Started User Manager for UID 0.
|
|
Mar 3 03:17:46 marconi systemd[1]: Stopping User Manager for UID 0...
|
|
Mar 3 03:17:46 marconi systemd[19230]: Stopped target Default.
|
|
Mar 3 03:17:46 marconi systemd[19230]: Reached target Shutdown.
|
|
Mar 3 03:17:46 marconi systemd[19230]: Starting Exit the Session...
|
|
Mar 3 03:17:46 marconi systemd[19230]: Stopped target Basic System.
|
|
Mar 3 03:17:46 marconi systemd[19230]: Stopped target Timers.
|
|
Mar 3 03:17:46 marconi systemd[19230]: Stopped target Sockets.
|
|
Mar 3 03:17:46 marconi systemd[19230]: Stopped target Paths.
|
|
Mar 3 03:17:46 marconi systemd[19230]: Received SIGRTMIN+24 from PID 19268 (kill).
|
|
Mar 3 03:17:46 marconi systemd[1]: Stopped User Manager for UID 0.
|
|
Mar 3 03:17:46 marconi systemd[1]: Removed slice User Slice of root.
|
|
Mar 3 03:17:47 marconi systemd[1]: Created slice User Slice of root.
|
|
Mar 3 03:17:47 marconi systemd[1]: Starting User Manager for UID 0...
|
|
Mar 3 03:17:48 marconi systemd[19275]: Reached target Sockets.
|
|
Mar 3 03:17:48 marconi systemd[19275]: Reached target Paths.
|
|
Mar 3 03:17:48 marconi systemd[19275]: Reached target Timers.
|
|
Mar 3 03:17:48 marconi systemd[19275]: Reached target Basic System.
|
|
Mar 3 03:17:48 marconi systemd[19275]: Reached target Default.
|
|
Mar 3 03:17:48 marconi systemd[19275]: Startup finished in 80ms.
|
|
Mar 3 03:17:48 marconi systemd[1]: Started User Manager for UID 0.
|
|
Mar 3 03:18:09 marconi systemd[1]: Stopping User Manager for UID 0...
|
|
Mar 3 03:18:09 marconi systemd[19275]: Stopped target Default.
|
|
Mar 3 03:18:09 marconi systemd[19275]: Stopped target Basic System.
|
|
Mar 3 03:18:09 marconi systemd[19275]: Stopped target Sockets.
|
|
Mar 3 03:18:09 marconi systemd[19275]: Stopped target Paths.
|
|
Mar 3 03:18:09 marconi systemd[19275]: Stopped target Timers.
|
|
Mar 3 03:18:09 marconi systemd[19275]: Reached target Shutdown.
|
|
Mar 3 03:18:09 marconi systemd[19275]: Starting Exit the Session...
|
|
Mar 3 03:18:09 marconi systemd[19275]: Received SIGRTMIN+24 from PID 19328 (kill).
|
|
Mar 3 03:18:09 marconi systemd[1]: Stopped User Manager for UID 0.
|
|
Mar 3 03:18:09 marconi systemd[1]: Removed slice User Slice of root.
|
|
Mar 3 00:02:36 marconi BACKUP: Automysqlbackup
|
|
Mar 3 00:02:37 marconi BACKUP: Daglig backup klar
|
|
Mar 3 00:00:01 marconi BACKUP: Startar daglig backup
|
|
Mar 3 00:00:01 marconi BACKUP: Hemkatalogerna
|
|
Mar 3 00:01:06 marconi BACKUP: Etc
|
|
Mar 3 00:01:09 marconi BACKUP: Prylarna i opt
|
|
Mar 3 00:01:26 marconi BACKUP: Webservern
|
|
Mar 3 12:57:42 nada sshd(pam_google_authenticator)[20838]: Failed to update secret file "/root/.google_authenticator"
|
|
Mar 3 18:03:34 marconi named[27570]: transfer of 'wahlberg.se/IN' from 66.23.226.92#53: Transfer status: success
|
|
Mar 3 21:19:31 marconi sshd[17576]: error: Received disconnect from 212.83.160.203 port 57458:3: com.jcraft.jsch.JSchException: Auth cancel [preauth]
|
|
Mar 4 07:38:01 nada sshd[15794]: input_userauth_request: invalid user [preauth]
|
|
Mar 4 09:14:31 nada sm-mta[25219]: v248EUKL025219: AUTH decode64 error [-5 for "Y2FzdG9yQHdhaGxiZXJnLnNlAGNhc3RvckB3YWhsYmVyZy5zZQBwb2tlbW9uDQ==\r"], relay=[156.67.106.207]
|
|
Mar 4 15:06:28 marconi named[27570]: client 113.240.250.154#43169: message parsing failed: bad compression pointer
|
|
Mar 4 16:21:01 marconi sudo: fredrik : TTY=unknown ; PWD=/home/fredrik ; USER=root ; COMMAND=/home/fredrik/bin/kdbx_backup.sh
|
|
Mar 4 18:46:37 marconi telldusd: message repeated 2 times: [ Execute a TellStick Action for device 4]
|
|
Mar 5 00:00:01 marconi sudo: fredrik : TTY=unknown ; PWD=/home/fredrik ; USER=root ; COMMAND=/home/fredrik/bin/kdbx_backup.sh
|
|
Mar 5 07:36:35 marconi nmbd[28262]: [2017/03/05 07:36:35.791823, 0] ../source3/nmbd/nmbd.c:169(nmbd_sig_hup_handler)
|
|
Mar 5 07:36:35 marconi nmbd[28262]: [2017/03/05 07:36:35.792332, 0] ../source3/nmbd/nmbd_workgroupdb.c:276(dump_workgroups)
|
|
Mar 5 07:36:35 marconi nmbd[28262]: [2017/03/05 07:36:35.792760, 0] ../source3/nmbd/nmbd_workgroupdb.c:276(dump_workgroups)
|
|
Mar 6 04:03:02 nada sshd[11959]: fatal: Write failed: Connection reset by peer [preauth]
|
|
Mar 6 22:43:34 nada sshd[4306]: Bad packet length 4081589265. [preauth]
|
|
Mar 6 22:43:34 nada sshd[4306]: Disconnecting: Packet corrupt [preauth]
|
|
Mar 6 23:47:37 nada sm-mta[11119]: v26MlObG011113: Fixed MIME Content-Type header field (possible attack)
|
|
Mar 8 03:17:11 nada sshd[23415]: Received disconnect from 91.195.103.166: 11: Client disconnecting normally [preauth]
|
|
Mar 7 19:37:07 nada sshd[9647]: Received disconnect from 91.195.103.173: 11: Client disconnecting normally [preauth]
|
|
Mar 8 07:31:45 nada sm-mta[16598]: v286VitB016598: AUTH decode64 error [-5 for "Y2FzdG9yAGNhc3RvcgBwb2tlbW9uDQ==\r"], relay=[156.67.106.207]
|
|
Mar 9 05:30:02 marconi backup[1895]: Startar backup av marconi
|
|
Mar 9 05:42:53 marconi sshd[6125]: fatal: Unable to negotiate with 84.241.42.101 port 61319: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1,diffie-hellman-group-exchange-sha1 [preauth]
|
|
Mar 9 09:18:45 marconi backup[12320]: Jobbet avslutat och alla filer flyttade
|
|
Mar 9 15:08:55 marconi sshd[25800]: Received disconnect from 61.158.188.21 port 59944:11: ok [preauth]
|
|
Mar 9 15:22:40 marconi sshd[29305]: Received disconnect from 202.163.123.135 port 59164:11: ok [preauth]
|
|
OA
|
|
Mar 17 07:29:31 nada sshd[7692]: Received disconnect from 178.162.211.197: 13: User request [preauth]
|
|
Mar 17 11:32:29 nada sm-mta[775]: v2HAWQ2g000768: v2HAWT2f000775: DSN: Host unknown (Name server: hgadvokat.se: host not found)
|
|
Mar 17 09:44:38 marconi sshd[27920]: fatal: Unable to negotiate with 212.129.20.230 port 51562: no matching cipher found. Their offer: aes256-cbc,rijndael-cbc@lysator.liu.se,aes192-cbc,aes128-cbc,arcfour128,arcfour,3des-cbc,none [preauth]
|
|
Mar 16 16:34:12 nada sshd[11591]: input_userauth_request: invalid user [preauth]
|
|
Mar 16 10:33:41 nada named[31321]: received control channel command 'reload happysthlm.se'
|
|
Mar 16 10:33:41 nada named[31321]: zone happysthlm.se/IN: loaded serial 2017031600
|
|
Mar 16 10:33:42 nada named[31321]: client 192.3.61.229#33639: transfer of 'happysthlm.se/IN': AXFR-style IXFR started
|
|
Mar 16 10:33:42 nada named[31321]: client 192.3.61.229#33639: transfer of 'happysthlm.se/IN': AXFR-style IXFR ended
|
|
Mar 16 11:47:51 nada named[31321]: client 46.162.117.83#39505: transfer of 'happysthlm.se/IN': AXFR-style IXFR started
|
|
Mar 16 11:47:51 nada named[31321]: client 46.162.117.83#39505: transfer of 'happysthlm.se/IN': AXFR-style IXFR ended
|
|
Mar 16 03:41:06 nada sm-mta[28708]: STARTTLS: write error=syscall error (-1), errno=32, get_error=error:00000000:lib(0):func(0):reason(0), retry=99, ssl_err=5
|
|
Mar 15 06:24:30 nada sm-mta[29141]: v2F5OSbF029141: AUTH decode64 error [-5 for "Y2FzdG9yAGNhc3RvcgBwb2tlbW9uDQ==\r"], relay=[156.67.106.207]
|
|
Mar 15 06:24:51 nada sm-mta[29155]: v2F5OoMX029155: AUTH decode64 error [-5 for "Y2FzdG9yAGNhc3RvcgBwb2tlbW9uDQ==\r"], relay=[156.67.106.207]
|
|
Mar 15 06:25:13 nada sm-mta[29160]: v2F5PClb029160: AUTH decode64 error [-5 for "Y2FzdG9yAGNhc3RvcgBwb2tlbW9uDQ==\r"], relay=[156.67.106.207]
|
|
Mar 15 06:25:35 nada sm-mta[29590]: v2F5PYa1029590: AUTH decode64 error [-5 for "Y2FzdG9yAGNhc3RvcgBwb2tlbW9uDQ==\r"], relay=[156.67.106.207]
|
|
Mar 20 06:54:52 nada sshd[7359]: input_userauth_request: invalid user [preauth]
|
|
Mar 20 04:00:44 nada sm-mta[21983]: v2K30iPx021983: [180.163.2.117]: probable open proxy: command=GET / HTTP/1.1\r\n
|
|
Mar 19 06:47:45 nada clamav-milter: ClamAV: mi_stop=1
|
|
Mar 19 04:36:45 marconi sshd[26598]: error: Received disconnect from 46.165.220.212 port 52999:13: User request [preauth]
|
|
Mar 19 00:00:01 marconi sudo: fredrik : TTY=unknown ; PWD=/home/fredrik ; USER=root ; COMMAND=/home/fredrik/bin/kdbx_backup.sh
|
|
Mar 25 05:53:41 marconi dhcpcd[2859]: enp4s0: adding route to 192.168.1.0/24
|
|
Mar 25 05:53:41 marconi dhcpcd[2859]: if_route (ADD): File exists
|
|
Mar 25 05:53:41 marconi dhcpcd[2859]: enp4s0: adding default route via 192.168.1.1
|
|
Mar 25 05:53:41 marconi dhcpcd[2859]: enp4s0: removing default route via 192.168.1.1
|
|
Mar 25 02:59:08 marconi dhclient[31370]: DHCPREQUEST of 192.168.1.118 on enp4s0 to 192.168.1.1 port 67 (xid=0x3d70f3bb)
|
|
Mar 24 01:42:10 nada sshd[31304]: input_userauth_request: invalid user [preauth]
|
|
Mar 23 19:07:02 nada sm-mta[20228]: v2NI71CW020228: rejecting commands from ec2-35-165-194-208.us-west-2.compute.amazonaws.com [35.165.194.208] due to pre-greeting traffic after 1 seconds
|
|
Mar 23 23:44:38 nada sm-mta[17761]: v2NMibVZ017761: rejecting commands from ecs-160-44-202-130.reverse.open-telekom-cloud.com [160.44.202.130] due to pre-greeting traffic after 1 seconds
|
|
Apr 2 16:50:49 nada sshd[1363]: Received disconnect from 58.218.199.145: 11: [preauth]
|
|
Apr 2 16:58:34 nada saslauthd[619]: do_auth : auth failure: [user=prueba] [service=smtp] [realm=] [mech=shadow] [reason=Invalid username]
|
|
Apr 2 19:08:45 nada saslauthd[604]: do_auth : auth failure: [user=backup] [service=smtp] [realm=] [mech=shadow] [reason=Incorrect password]
|
|
Apr 2 18:28:04 nada milter-greylist: DKIM failed: No signature
|
|
Apr 2 18:34:03 nada milter-greylist: DKIM failed: Unable to verify
|
|
Apr 2 18:36:37 nada milter-greylist: DKIM failed: Key retrieval failed
|
|
Apr 2 18:36:58 nada milter-greylist: DKIM failed: Invalid parameter
|
|
Apr 2 18:28:04 nada spamc[20324]: connect to spamd on ::1 failed, retrying (#1 of 3): Connection refused
|
|
Apr 2 18:28:04 nada spamd[12078]: spamd: connection from localhost.localdomain [127.0.0.1]:57662 to port 783, fd 5
|
|
Apr 2 18:28:06 nada spamd[12078]: dns: reply to 9869/IN/A/22211110.com truncated (EDNS 4096 bytes), 89 answer records
|
|
Apr 2 19:00:12 nada spamd[12078]: dns: reply to 38195/IN/A/22211110.com truncated (EDNS 4096 bytes), 89 answer records
|
|
Apr 2 18:36:44 nada sm-mta[21418]: v32GagN8021418: Milter: data, reject=451 4.3.2 Please try again later
|
|
Apr 2 18:34:46 nada HORDE: [horde] Login success for fredrik to horde (46.162.117.83) [pid 25921 on line 164 of "/usr/share/horde/login.php"]
|
|
Apr 2 18:34:47 nada HORDE: [imp] Login success for fredrik (46.162.117.83) to {imap://nada.wahlberg.se:993/} [pid 25921 on line 157 of "/usr/share/horde/imp/lib/Auth.php"]
|
|
Apr 2 19:31:34 nada HORDE: [kronolith] Failed to retrieve remote calendar: url = "https://calendar.google.com/calendar/ical/wahlis%40gmail.com/private-d6b56e71ef78fa437bcb4df46aaeebad/basic.ics", status = 28 [pid 25488 on line 593 of "/usr/share/horde/kronolith/lib/Driver/Ical.php"]
|
|
Apr 2 19:44:16 nada sshd[15909]: Disconnecting: Too many authentication failures for invalid user openvpn from 177.40.96.203 port 58746 ssh2 [preauth]
|
|
Apr 2 20:02:18 nada milter-greylist: DKIM failed: No key
|
|
Apr 2 19:45:30 nada spamd[12078]: spamd: result: Y 17 - BAYES_50,DATE_IN_PAST_96_XX,HTML_MESSAGE,MIMEOLE_DIRECT_TO_MX,MISSING_MID,PYZOR_CHECK,RCVD_IN_BRBL_LASTEXT,RCVD_IN_PBL,RCVD_IN_SBL_CSS,RCVD_IN_SORBS_DUL,RCVD_IN_XBL,RDNS_NONE,URIBL_BLACK scantime=1.8,size=1914,user=spamass-milter,uid=111,required_score=5.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=33068,mid=(unknown),bayes=0.499958,autolearn=no autolearn_force=no
|
|
Apr 2 19:49:28 nada spamd[12078]: spamd: result: Y 11 - BAYES_50,DATE_IN_FUTURE_24_48,MISSING_MID,RAZOR2_CF_RANGE_51_100,RAZOR2_CF_RANGE_E8_51_100,RAZOR2_CHECK,RCVD_IN_BRBL_LASTEXT,SPF_HELO_SOFTFAIL,URIBL_DBL_SPAM,URIBL_SBL_A scantime=2.5,size=3208,user=spamass-milter,uid=111,required_score=5.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=39030,mid=(unknown),bayes=0.508483,autolearn=no autolearn_force=no
|
|
Apr 2 20:17:48 nada HORDE: User is not authorized for imp [pid 21121 on line 324 of "/usr/share/php/Horde/Registry.php"]
|
|
Apr 2 20:37:14 nada spamd[12078]: dns: reply to 52792/IN/TXT/freemediainternet.com truncated (EDNS 4096 bytes), 2 answer records
|
|
Apr 2 21:13:53 nada spamd[12078]: dns: reply to 28509/IN/TXT/bronto.com truncated (EDNS 4096 bytes), 13 answer records
|
|
Apr 2 22:17:28 nada named[300]: managed-keys-zone: No DNSKEY RRSIGs found for '.': success
|
|
Apr 10 05:59:24 marconi named[7781]: validating formelracing.se/SOA: no valid signature found
|
|
Apr 10 05:59:24 marconi named[7781]: validating formelracing.se/A: no valid signature found
|
|
Apr 10 05:59:24 marconi named[7781]: validating cmqpg0nlq5bi4s4ucti6jj2avrd7mhtj.formelracing.se/NSEC3: no valid signature found
|
|
Apr 10 06:49:43 nada named[297]: automatic empty zone: 10.IN-ADDR.ARPA
|
|
Apr 10 06:49:43 nada named[297]: automatic empty zone: 8.B.D.0.1.0.0.2.IP6.ARPA
|
|
Apr 9 22:13:12 nada spamd[15599]: spamd: result: . 4 - BAYES_50,DATE_IN_FUTURE_96_Q,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,HTML_MESSAGE,MISSING_MID,RP_MATCHES_RCVD,SPF_PASS scantime=2.6,size=11507,user=spamass-milter,uid=111,required_score=5.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=45326,mid=(unknown),bayes=0.485144,autolearn=no autolearn_force=no
|
|
Apr 11 00:55:11 nada spamd[13608]: dns: reply to 34774/IN/A/relayhi2.mysmtp.com truncated (EDNS 4096 bytes), 120 answer records
|
|
Apr 11 03:51:10 nada spamd[13608]: dns: reply to 64012/IN/A/relayhi2.mysmtp.com truncated (EDNS 4096 bytes), 120 answer records
|
|
Apr 11 03:51:10 nada spamd[13608]: dns: reply to 15832/IN/A/relayhi3.euro.email truncated (EDNS 4096 bytes), 34 answer records
|
|
Apr 11 06:47:59 nada systemd: pam_unix(systemd-user:session): session opened for user nobody by (uid=0)
|
|
Apr 11 06:47:59 nada systemd-logind[306]: Existing logind session ID 264242 used by new audit session, ignoring
|
|
Apr 11 06:47:59 nada systemd-logind[306]: New session c12 of user nobody.
|
|
Apr 11 06:47:59 nada systemd-logind[306]: Removed session c12.
|
|
Apr 11 06:48:04 nada systemd: pam_unix(systemd-user:session): session closed for user nobody
|
|
Apr 11 06:48:06 nada rndc[15568]: server reload successful
|
|
Apr 11 06:48:06 nada named[297]: all zones loaded
|
|
Apr 11 06:48:06 nada named[297]: running
|
|
Apr 10 18:55:12 nada spamd[22038]: dns: reply to 59370/IN/A/relayhi2.mysmtp.com truncated (EDNS 4096 bytes), 120 answer records
|
|
Apr 10 19:14:32 nada HORDE: User is not authorized for horde [pid 20920 on line 324 of "/usr/share/php/Horde/Registry.php"]
|
|
Apr 10 19:14:32 nada HORDE: User is not authorized for horde [pid 20920 on line 324 of "/usr/share/php/Horde/Registry.php"]
|
|
Apr 10 19:18:06 nada sendmail[17597]: v3AHI6dq017597: Authentication-Warning: nada.wahlberg.se: www-data set sender to katarina@happysthlm.se using -f
|
|
Apr 10 20:11:54 nada HORDE: User is not authorized for horde [pid 15446 on line 324 of "/usr/share/php/Horde/Registry.php"]
|
|
Apr 10 20:31:42 nada sendmail[24393]: v3AIVgPU024393: Authentication-Warning: nada.wahlberg.se: www-data set sender to katarina@happysthlm.se using -f
|
|
Apr 10 21:18:28 nada HORDE: User is not authorized for horde [pid 28010 on line 324 of "/usr/share/php/Horde/Registry.php"]
|
|
Apr 10 21:57:16 nada spamd[19842]: dns: reply to 60884/IN/A/relayhi2.mysmtp.com truncated (EDNS 4096 bytes), 120 answer records
|
|
Apr 10 21:57:16 nada spamd[19842]: dns: reply to 43885/IN/A/relayhi3.euro.email truncated (EDNS 4096 bytes), 34 answer records
|
|
Apr 11 10:58:01 nada systemd-logind[306]: New session c14 of user fredrik.
|
|
Apr 11 11:04:24 nada systemd-logind[306]: New session c15 of user fredrik.
|
|
Apr 11 17:47:56 nada milter-greylist: DKIM failed: Syntax error
|
|
Apr 11 23:02:34 nada milter-greylist: DKIM failed: Bad signature
|
|
Apr 13 16:22:06 nada named[296]: managed-keys-zone: Unable to fetch DNSKEY set 'dlv.isc.org': SERVFAIL
|
|
Apr 13 05:20:04 nada spamd[4701]: spamd: result: . -1 - ALL_TRUSTED,BAYES_00,MISSING_DATE,MISSING_MID scantime=2.4,size=697,user=spamass-milter,uid=111,required_score=5.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=59968,mid=(unknown),bayes=0.000000,autolearn=no autolearn_force=no
|
|
Apr 13 00:24:51 marconi named[7781]: DNS format error from 8.8.8.8#53 resolving slashdot.org/DS: Name . (SOA) not subdomain of zone org -- invalid response
|
|
Apr 12 14:10:54 nada sshd[15793]: error: Received disconnect from 37.229.184.255: 2: Handshake failed [preauth]
|
|
Apr 16 07:45:39 nada sshd[31491]: error: Received disconnect from 37.229.184.255: 2: Handshake failed [preauth]
|
|
Apr 13 09:47:05 marconi sshd[695]: error: Received disconnect from 37.229.184.255 port 61294:2: Handshake failed [preauth]
|
|
Apr 12 15:05:34 nada sm-mta[20644]: v3CD5WoV020644: [60.191.40.195]: probable open proxy: command=GET / HTTP/1.0\r\n
|
|
Apr 12 09:45:33 marconi org.gnome.evolution.dataserver.Sources5[25620]: ** (evolution-source-registry:26188): WARNING **: secret_service_search_sync: must specify at least one attribute to match
|
|
Apr 13 09:45:33 marconi org.gnome.evolution.dataserver.Sources5[25620]: ** (evolution-source-registry:26188): WARNING **: secret_service_search_sync: must specify at least one attribute to match
|
|
Apr 16 16:46:57 nada spamd[17910]: dns: reply to 27982/IN/TXT/micro-campus.com truncated (EDNS 4096 bytes), 1 answer records
|
|
Apr 16 00:00:02 marconi sudo: fredrik : TTY=unknown ; PWD=/home/fredrik ; USER=root ; COMMAND=/home/fredrik/bin/kdbx_backup.sh
|
|
Apr 14 13:41:44 nada spamd[3869]: spamd: result: . -2 - BAYES_00,DATE_IN_FUTURE_48_96,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,FROM_EXCESS_BASE64,HTML_MESSAGE,MIME_HTML_ONLY,MISSING_MID,RCVD_IN_DNSWL_HI,RCVD_IN_MSPIKE_H3,RCVD_IN_MSPIKE_WL,RP_MATCHES_RCVD,SPF_HELO_PASS scantime=2.1,size=34843,user=spamass-milter,uid=111,required_score=5.0,rhost=localhost.localdomain,raddr=127.0.0.1,rport=60296,mid=(unknown),bayes=0.000000,autolearn=ham autolearn_force=no
|
|
Apr 18 13:27:36 nada HORDE: [imp] Message sent to fram.art@comhem.se from katarina (213.112.4.122) [pid 12862 on line 964 of "/usr/share/horde/imp/lib/Compose.php"]
|
|
Apr 18 14:38:04 nada HORDE: [imp] Message sent to hello@happysthlm.se from katarina (213.112.4.122) [pid 1013 on line 964 of "/usr/share/horde/imp/lib/Compose.php"]
|
|
Apr 18 17:29:30 nada systemd-logind[305]: New session c36 of user petter.
|
|
Apr 18 17:29:30 nada systemd: pam_unix(systemd-user:session): session opened for user petter by (uid=0)
|
|
Apr 18 17:33:38 nada systemd: pam_unix(systemd-user:session): session closed for user petter
|
|
Apr 18 17:29:30 nada internal-sftp[9277]: session opened for local user petter from [212.16.177.66]
|
|
Apr 18 17:29:31 nada internal-sftp[9277]: opendir "/home/petter/www.lidberg.se/mazda/Old"
|
|
Apr 18 17:29:31 nada internal-sftp[9277]: closedir "/home/petter/www.lidberg.se/mazda/Old"
|
|
Apr 18 17:29:38 nada internal-sftp[9277]: open "/home/petter/www.lidberg.se/mazda/Old/demo.html" flags READ mode 0666
|
|
Apr 18 17:29:38 nada internal-sftp[9277]: close "/home/petter/www.lidberg.se/mazda/Old/demo.html" bytes read 3754 written 0
|
|
Apr 18 17:33:38 nada internal-sftp[9277]: session closed for local user petter from [212.16.177.66]
|
|
Apr 17 17:04:31 nada systemd-logind[305]: New session c24 of user petter.
|
|
Apr 17 17:04:31 nada systemd-logind[305]: New session c25 of user petter.
|
|
Apr 20 20:40:11 marconi named[11602]: client 125.64.94.201#52717: message parsing failed: bad label type
|
|
Apr 20 15:39:53 nada freshclam[302]: Downloading bytecode-293.cdiff [100%]
|
|
Apr 20 23:40:45 nada freshclam[302]: Downloading bytecode-294.cdiff [100%]
|
|
Apr 21 04:37:54 nada HORDE: [imp] PHP ERROR: Invalid argument supplied for foreach() [pid 7168 on line 96 of "/usr/share/horde/imp/lib/Factory/MailboxList.php"]
|
|
Apr 20 04:49:50 nada HORDE: [imp] PHP ERROR: Invalid argument supplied for foreach() [pid 27097 on line 96 of "/usr/share/horde/imp/lib/Factory/MailboxList.php"]
|
|
Apr 20 13:03:42 nada HORDE: [gollem] PHP ERROR: Invalid argument supplied for foreach() [pid 6356 on line 338 of "/usr/share/horde/gollem/lib/Auth.php"]
|
|
Apr 24 07:22:45 marconi hass[18805]: #033[32m17-04-24 07:22:45 INFO (MainThread) [homeassistant.components.automation] Executing Portvakten#033[0m
|
|
Apr 24 07:22:45 marconi hass[18805]: #033[32m17-04-24 07:22:45 INFO (MainThread) [homeassistant.helpers.script] Script Portvakten: Running script#033[0m
|
|
Apr 24 09:35:01 nada HORDE: [horde] User stiy logged out of Horde (80.251.192.97) [pid 6775 on line 107 of "/usr/share/horde/login.php"]
|
|
May 3 18:14:45 nada sshd[30553]: error: Received disconnect from 178.215.81.7: 14: No more user authentication methods available. [preauth]
|
|
Jun 21 16:00:42 marconi update_daemon2.php[27565]: [14:00:42/31191] Purged 0 orphaned posts.
|
|
Jun 21 16:00:42 marconi update_daemon2.php[27565]: [14:00:42/31191] Removed 0 (feeds) 0 (cats) orphaned counter cache entries.
|
|
Jun 21 16:00:43 marconi update_daemon2.php[27565]: [14:00:43/27565] [reap_children] child 31186 reaped.
|
|
Jun 21 16:00:43 marconi update_daemon2.php[27565]: [14:00:43/27565] [SIGCHLD] jobs left: 0
|
|
Jun 21 16:01:07 marconi update_daemon2.php[27565]: [14:01:07/27565] [MASTER] active jobs: 0, next spawn at 60 sec.
|
|
Aug 7 13:15:02 marconi mosquitto[31703]: mosquitto version 1.4.8 (build date Mon, 26 Jun 2017 09:31:02 +0100) starting
|
|
Aug 7 13:15:02 marconi mosquitto[31703]: Config loaded from /etc/mosquitto/mosquitto.conf.
|
|
Aug 7 13:15:02 marconi mosquitto[31703]: Opening ipv4 listen socket on port 1883.
|
|
Aug 7 13:15:02 marconi mosquitto[31703]: Opening ipv6 listen socket on port 1883.
|
|
Aug 7 13:15:03 marconi mosquitto[31703]: New connection from 192.168.1.118 on port 1883.
|
|
Aug 7 13:15:04 marconi mosquitto[31703]: New connection from 192.168.1.118 on port 1883.
|
|
Aug 7 13:15:04 marconi mosquitto[31703]: New client connected from 192.168.1.118 as home-assistant-1 (c1, k60).
|
|
Aug 7 13:15:34 marconi mosquitto[31703]: New connection from 82.196.161.66 on port 1883.
|
|
Aug 7 13:15:34 marconi mosquitto[31703]: Client fredrikmaximilian disconnected.
|
|
Aug 7 13:15:34 marconi mosquitto[31703]: New client connected from 82.196.161.66 as fredrikmaximilian (c0, k3600).
|
|
Aug 7 13:45:02 marconi mosquitto[31703]: Saving in-memory database to /var/lib/mosquitto/mosquitto.db.
|
|
Aug 21 23:05:12 marconi kernel: [701686.112239] sd 7:0:0:0: [sdd] tag#0
|
|
Aug 22 09:00:18 marconi kernel: [737391.088869] sd 7:0:0:0: [sdd] tag#0 FAILED Result: hostbyte=DID_ERROR driverbyte=DRIVER_SENSE
|
|
Aug 22 09:00:18 marconi kernel: [737391.088892] sd 7:0:0:0: [sdd] tag#0 Sense Key : Hardware Error [current] [descriptor]
|
|
Aug 22 09:00:18 marconi kernel: [737391.088904] sd 7:0:0:0: [sdd] tag#0 Add. Sense: No additional sense information
|
|
Aug 22 09:00:18 marconi kernel: [737391.088919] sd 7:0:0:0: [sdd] tag#0 CDB: ATA command pass through(16) 85 06 2c 00 00 00 00 00 00 00 00 00 00 00 e5 00
|
|
Sep 9 03:34:14 marconi root: /etc/dhcp/dhclient-enter-hooks.d/avahi-autoipd returned non-zero exit status 1
|
|
Sep 9 03:34:14 marconi smbd[2261]: * Reloading /etc/samba/smb.conf smbd
|
|
Sep 9 03:34:14 marconi smbd[2261]: ...done.
|
|
Sep 9 06:55:41 marconi sshd[11486]: Invalid user 0101 from 91.197.232.109
|
|
Sep 9 06:55:41 marconi sshd[11486]: input_userauth_request: invalid user 0101 [preauth]
|
|
Sep 9 10:56:11 marconi sshd[2798]: fatal: Unable to negotiate with 54.156.158.234 port 41078: no matching host key type found. Their offer: ecdsa-sha2-nistp384 [preauth]
|
|
Sep 9 10:56:12 marconi sshd[2802]: fatal: Unable to negotiate with 54.156.158.234 port 41330: no matching host key type found. Their offer: ecdsa-sha2-nistp521 [preauth]
|
|
Sep 9 10:56:14 marconi sshd[2816]: fatal: Unable to negotiate with 54.156.158.234 port 42036: no matching host key type found. Their offer: ssh-dss [preauth]
|
|
Sep 10 07:35:57 marconi freeradius[3649]: * Reloading FreeRADIUS daemon freeradius
|
|
Sep 10 07:35:58 marconi freeradius[3649]: ...done.
|
|
Sep 12 10:27:41 nada sm-mta[4522]: STARTTLS: read error=syscall error (-1), errno=104, get_error=error:00000000:lib(0):func(0):reason(0), retry=1, ssl_err=5
|
|
Sep 8 20:49:21 nada sm-mta[14243]: STARTTLS: read error=syscall error (-1), errno=110, get_error=error:00000000:lib(0):func(0):reason(0), retry=1, ssl_err=5
|
|
Sep 11 00:02:05 cocacola sm-mta[4678]: STARTTLS=client, relay=mail.wahlberg.se., version=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
|
|
Sep 11 11:32:09 cocacola sshd[5924]: Received disconnect from 5.189.139.2: 11: Normal Shutdown, Thank you for playing [preauth]
|
|
Sep 8 13:32:49 marconi sshd[20127]: Received disconnect from 103.27.239.143 port 40512:11: Normal Shutdown, Thank you for playing [preauth]
|
|
Sep 12 00:02:08 cocacola sm-mta[8158]: STARTTLS=client, relay=mail.wahlberg.se., version=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
|
|
Nov 2 07:25:58 marconi sshd[22932]: Connection closed by invalid user foo 175.6.27.49 port 6920 [preauth]
|
|
Nov 2 07:34:03 marconi sshd[25979]: ssh_dispatch_run_fatal: Connection from 170.250.140.52 port 45852: DH GEX group out of range [preauth]
|
|
Nov 2 07:34:15 marconi sshd[26033]: Did not receive identification string from 163.172.136.101 port 37627
|
|
Nov 2 07:48:30 marconi sshd[30673]: Did not receive identification string from 121.156.90.110 port 44398
|
|
Nov 2 07:49:45 marconi sshd[30998]: Disconnecting authenticating user root 180.130.191.9 port 45306: Too many authentication failures [preauth]
|
|
Nov 2 07:59:27 marconi sshd[1655]: Disconnected from invalid user admin 121.156.90.110 port 46078 [preauth]
|
|
Nov 2 08:01:51 marconi sshd[3848]: Disconnected from authenticating user root 121.18.238.123 port 47854 [preauth]
|
|
Nov 2 11:03:21 marconi sshd[15313]: Disconnecting authenticating user root 72.1.255.192 port 56702: Too many authentication failures [preauth]
|
|
Nov 2 11:03:25 marconi sshd[15340]: Did not receive identification string from 212.83.136.85 port 63067
|
|
Nov 2 11:03:44 marconi sshd[15390]: Did not receive identification string from 212.83.136.85 port 49903
|
|
Nov 2 11:48:29 marconi sshd[30727]: Did not receive identification string from 97.79.239.20 port 43399
|
|
Nov 2 11:03:28 marconi sshd[15354]: Disconnected from invalid user admin 212.83.136.85 port 62912 [preauth]
|
|
Nov 2 11:05:41 marconi sshd[16346]: Disconnected from authenticating user root 121.18.238.119 port 47256 [preauth]
|
|
Nov 2 11:55:07 marconi sshd[32705]: Disconnected from authenticating user root 221.194.47.221 port 40633 [preauth]
|
|
Nov 2 11:19:59 marconi sshd[20563]: Connection closed by authenticating user root 58.214.22.74 port 6920 [preauth]
|
|
Nov 2 11:28:15 marconi sshd[23379]: Connection closed by invalid user admin 218.206.69.40 port 2049 [preauth]
|
|
Nov 2 11:29:01 marconi sshd[23537]: Connection closed by invalid user test 106.247.228.75 port 6920 [preauth]
|
|
Nov 2 11:55:16 marconi sshd[496]: Connection closed by authenticating user root 112.29.245.145 port 2049 [preauth]
|
|
Nov 2 13:11:27 marconi sshd[31688]: Disconnecting invalid user admin 114.97.151.158 port 40382: Too many authentication failures [preauth]
|
|
Nov 2 13:26:23 marconi sshd[4249]: Disconnected from user fredrik 66.23.226.92 port 38190
|
|
Nov 2 13:28:15 marconi sshd[5020]: Disconnected from user fredrik 66.23.226.92 port 39248
|
|
Nov 7 09:58:47 nada freshclam[304]: WARNING: DNS record is older than 3 hours.
|
|
Nov 7 09:58:47 nada freshclam[304]: WARNING: Invalid DNS reply. Falling back to HTTP mode.
|
|
Nov 7 09:58:48 nada freshclam[304]: Reading CVD header (main.cvd): OK (IMS)
|
|
Nov 7 09:58:48 nada freshclam[304]: Reading CVD header (daily.cvd): OK
|
|
Nov 7 09:58:49 nada freshclam[304]: Reading CVD header (bytecode.cvd): OK
|
|
Nov 7 10:35:56 marconi 50-motd-news[31369]: * Ubuntu 17.10 releases with Gnome, Kubernetes 1.8, and minimal
|
|
Nov 7 10:35:56 marconi 50-motd-news[31369]: base images
|
|
Nov 7 10:35:56 marconi 50-motd-news[31369]: - https://ubu.one/u1710
|
|
Nov 7 10:50:46 marconi sshd[3881]: Unable to negotiate with 173.255.227.186 port 51816: no matching host key type found. Their offer: ssh-dss [preauth]
|
|
Nov 13 06:05:46 marconi nmbd[5134]: Packet send failed to 172.18.255.255(138) ERRNO=Ogiltigt argument
|
|
Nov 13 10:02:01 marconi sshd[675]: Connection reset by authenticating user root 27.148.158.148 port 3403 [preauth]
|
|
Nov 14 08:21:59 marconi systemd-resolved[24610]: Positive Trust Anchors:
|
|
Nov 14 08:21:59 marconi systemd-resolved[24610]: . IN DS 19036 8 2 49aac11d7b6f6446702e54a1607371607a1a41855200fd2ce1cdde32f24e8fb5
|
|
Nov 14 08:21:59 marconi systemd-resolved[24610]: . IN DS 20326 8 2 e06d44b80b8f1d39a95c0b0d7c65d08458e880409bbc683457104237c7f8ec8d
|
|
Nov 14 08:21:59 marconi systemd-resolved[24610]: Negative trust anchors: 10.in-addr.arpa 16.172.in-addr.arpa 17.172.in-addr.arpa 18.172.in-addr.arpa 19.172.in-addr.arpa 20.172.in-addr.arpa 21.172.in-addr.arpa 22.172.in-addr.arpa 23.172.in-addr.arpa 24.172.in-addr.arpa 25.172.in-addr.arpa 26.172.in-addr.arpa 27.172.in-addr.arpa 28.172.in-addr.arpa 29.172.in-addr.arpa 30.172.in-addr.arpa 31.172.in-addr.arpa 168.192.in-addr.arpa d.f.ip6.arpa corp home internal intranet lan local private test
|
|
Nov 14 08:21:59 marconi systemd-resolved[24610]: Using system hostname 'marconi'.
|
|
Nov 16 12:17:46 marconi sshd[32197]: Invalid user cloud-user from 115.47.122.242 port 6920
|
|
Nov 16 12:17:47 marconi sshd[32197]: Connection closed by invalid user cloud-user 115.47.122.242 port 6920 [preauth]
|
|
Nov 30 06:02:55 marconi sshd[23738]: error: Received disconnect from 103.99.0.207 port 63247:14: No more user authentication methods available. [preauth]
|
|
Feb 5 13:02:12 nada milter-greylist: ignoring message beyond maxpeek = 0
|
|
Feb 5 13:07:56 nada milter-greylist: ignoring message beyond maxpeek = 0
|
|
Feb 5 05:36:40 marconi sshd[12309]: Unable to negotiate with 36.255.159.233 port 65061: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc [preauth]
|
|
Feb 5 07:17:24 marconi sshd[31872]: Connection closed by invalid user sap_user 47.205.250.5 port 33272 [preauth]
|
|
Feb 5 14:59:07 marconi sshd[21801]: Connection closed by invalid user 0101 5.188.10.179 port 60847 [preauth]
|
|
Feb 6 02:20:14 nada saslauthd[610]: do_auth : auth failure: [user=Adm1n!] [service=smtp] [realm=#] [mech=shadow] [reason=Invalid username]
|
|
Mar 10 00:04:24 marconi platform[16851]: [2018/03/10 00:04:24 CET] [INFO] Incoming webhook received. Content={"text": "Daglig backup klar
|
|
Mar 10 00:04:24 marconi platform[16851]: Daglig backup klar"}
|
|
Mar 9 00:02:06 cocacola sm-mta[30768]: STARTTLS=client, relay=mail.wahlberg.se., version=TLSv1.2, verify=FAIL, cipher=ECDHE-RSA-AES256-GCM-SHA384, bits=256/256
|
|
Mar 9 05:03:24 cocacola sshd[31876]: Unable to negotiate with 81.3.154.136 port 49595: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes256-cbc,aes192-cbc [preauth]
|
|
Mar 9 22:51:13 cocacola sshd[1575]: Invalid user from 139.162.122.110 port 47280
|
|
Mar 9 23:47:14 nada freshclam[31063]: WARNING: Your ClamAV installation is OUTDATED!
|
|
Mar 9 23:47:14 nada freshclam[31063]: WARNING: Local version: 0.99.3 Recommended version: 0.99.4
|
|
Mar 9 23:47:14 nada freshclam[31063]: DON'T PANIC! Read http://www.clamav.net/documents/upgrading-clamav
|
|
Mar 9 06:51:00 nada spamd[29947]: spamd: server socket closed, type IO::Socket::IP
|
|
Mar 9 06:51:00 nada spamassassin.pid --create-prefs --max-children 5 --helper-home-dir --user-config: spamd: restarting using '/usr/sbin/spamd -d --pidfile=/var/run/spamassassin.pid --create-prefs --max-children 5 --helper-home-dir --user-config'
|
|
Mar 9 06:51:02 nada spamd[31055]: zoom: able to use 345/345 'body_0' compiled rules (100%)
|
|
Mar 9 06:51:04 nada spamd[31055]: spamd: server started on IO::Socket::IP [127.0.0.1]:783 (running version 3.4.0)
|
|
Apr 7 17:14:40 marconi sshd[7328]: Disconnected from invalid user ftp_user 91.121.77.149 port 34669 [preauth]
|
|
Apr 7 16:23:06 marconi sshd[28989]: Disconnected from invalid user wp-user 188.166.216.84 port 59622 [preauth]
|
|
Aug 4 06:09:58 nada urbackupclientbackend[27338]: ERROR: Token id for user "dkim-milter-python" not found
|
|
Aug 4 06:09:58 nada urbackupclientbackend[27338]: ERROR: Token id for group "daemon" not found
|
|
Aug 4 06:10:06 nada urbackupclientbackend[27338]: ERROR: Creating shadowcopy of "bind" failed.
|
|
Aug 4 06:10:07 nada urbackupclientbackend[27338]: ERROR: Error stating file "/var/www/html/WebCalendar-1.0.0/webcalendar" to get file tokens. Errno: 40
|
|
Nov 13 07:54:09 nada spamd[12307]: zoom: able to use 343/343 'body_0' compiled rules (100%)
|
|
Nov 13 08:50:17 nada urbackupclientbackend[27338]: ERROR: Error getting file type of /home/fredrik/Maildir/.Administrator/new/1542093981.12828_1.nada
|
|
Nov 13 08:51:01 nada urbackupclientbackend[27338]: ERROR: Error getting file type of /home/katarina/Maildir/new/1542092429.12402_0.nada
|
|
|
|
Aug 23 18:39:24 nada fredrik[1713]: Kontrollrad. Syns detta har vi problem...
|
|
Aug 23 18:39:24 nada fredrik[1713]: Sista raden
|