The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Here is my CSF Logwatch

Discussion in 'General Discussion' started by tooheys, Feb 7, 2009.

  1. tooheys

    tooheys Registered

    Joined:
    Aug 16, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Should i be concerned about any of this??

    THANKS


    ################### Logwatch 7.3 (03/24/06) ####################
    Processing Initiated: Sun Feb 8 04:02:04 2009
    Date Range Processed: yesterday
    ( 2009-Feb-07 )
    Period is day.
    Detail Level of Output: 0
    Type of Output: unformatted
    Logfiles for Host: ****
    ##################################################################

    --------------------- iptables firewall Begin ------------------------

    Logged 108 packets on interface eth0
    From 24.60.4.219 - 1 packet to udp(12342)
    From 58.65.193.149 - 2 packets to tcp(23)
    From 58.179.200.101 - 2 packets to tcp(23)
    From 59.81.64.229 - 3 packets to udp(1434)
    From 60.191.250.25 - 1 packet to udp(1434)
    From 61.142.83.117 - 3 packets to tcp(90)
    From 61.152.91.182 - 1 packet to tcp(8080)
    From 61.160.213.214 - 9 packets to tcp(8088,8090)
    From 66.229.91.230 - 4 packets to udp(12342)
    From 66.252.62.216 - 1 packet to udp(12342)
    From 67.10.112.254 - 3 packets to udp(12342)
    From 68.56.167.251 - 1 packet to udp(12342)
    From 68.94.99.186 - 1 packet to udp(12342)
    From 69.124.197.236 - 1 packet to udp(12342)
    From 70.80.252.177 - 1 packet to udp(12342)
    From 76.16.25.208 - 2 packets to udp(12342)
    From 76.71.141.157 - 2 packets to udp(12342)
    From 85.71.96.223 - 1 packet to tcp(23)
    From 88.163.196.44 - 1 packet to udp(12342)
    From 90.32.54.33 - 2 packets to tcp(23)
    From 98.220.157.115 - 2 packets to udp(12342)
    From 114.168.119.248 - 2 packets to udp(12342)
    From 115.73.199.213 - 2 packets to tcp(23)
    From 115.75.160.227 - 2 packets to tcp(23)
    From 116.71.186.107 - 2 packets to tcp(23)
    From 117.103.192.49 - 3 packets to udp(1434)
    From 119.30.100.185 - 2 packets to tcp(23)
    From 121.97.223.114 - 1 packet to udp(12342)
    From 122.3.25.51 - 3 packets to udp(12342)
    From 123.254.43.140 - 2 packets to udp(1434)
    From 125.64.17.179 - 3 packets to udp(1434)
    From 125.212.12.95 - 2 packets to udp(12342)
    From 151.56.64.199 - 2 packets to udp(12342)
    From 173.69.144.17 - 1 packet to udp(12342)
    From 201.122.14.213 - 1 packet to udp(12342)
    From 202.69.177.90 - 1 packet to udp(12342)
    From 202.101.118.195 - 3 packets to tcp(81)
    From 202.101.165.202 - 3 packets to udp(1434)
    From 206.74.74.150 - 1 packet to udp(12342)
    From 210.3.247.117 - 1 packet to udp(1434)
    From 211.167.39.241 - 3 packets to tcp(1433)
    From 216.81.36.194 - 3 packets to udp(12342)
    From 218.9.148.118 - 2 packets to tcp(8080)
    From 218.22.244.42 - 3 packets to udp(1434)
    From 218.89.137.11 - 2 packets to udp(1434)
    From 218.98.106.53 - 1 packet to udp(1434)
    From 218.98.192.8 - 1 packet to udp(1434)
    From 218.180.134.67 - 2 packets to udp(12342)
    From 219.139.130.139 - 3 packets to udp(1434)
    From 220.180.135.70 - 1 packet to udp(1434)
    From 221.143.42.188 - 3 packets to tcp(1433)
    From 222.73.204.130 - 3 packets to tcp(1433)

    Logged 5 packets on interface eth1
    From 10.88.113.87 - 5 packets to udp(5353)

    ---------------------- iptables firewall End -------------------------


    --------------------- pam_unix Begin ------------------------

    sshd:
    Authentication Failures:
    unknown (84-16-234-189.internetserviceteam.com): 4 Time(s)
    Invalid Users:
    Unknown Account: 4 Time(s)


    ---------------------- pam_unix End -------------------------


    --------------------- SSHD Begin ------------------------


    Illegal users from:
    84.16.234.189 (84-16-234-189.internetserviceteam.com): 4 times


    Received disconnect:
    11: Bye Bye : 3 Time(s)

    **Unmatched Entries**
    pam_succeed_if(sshd:auth): error retrieving information about user grupo2 : 1 time(s)
    pam_succeed_if(sshd:auth): error retrieving information about user estudiante : 3 time(s)

    ---------------------- SSHD End -------------------------




    ###################### Logwatch End #########################
     
  2. Infopro

    Infopro cPanel Sr. Product Evangelist
    Staff Member

    Joined:
    May 20, 2003
    Messages:
    14,480
    Likes Received:
    203
    Trophy Points:
    63
    Location:
    Pennsylvania
    cPanel Access Level:
    Root Administrator
    Twitter:
    You might want to upgrade your logwatch. http://www.logwatch.org/tabs/download/

    It is not CSF logwatch.

    In CSF you can disable packets if you like.

    If your default port number for SSH is 22, you should dig up instructions to change that on the forums here.

    That logwatch report is the bare minimum. "Detail Level of Output: 0"

    You can set that higher in logwatch if you like.
    http://www.logwatch.org/tabs/docs/logwatch.8.html#lbAE


    I don't see any real issues, no.
     
  3. tooheys

    tooheys Registered

    Joined:
    Aug 16, 2008
    Messages:
    2
    Likes Received:
    0
    Trophy Points:
    1
    Many thanks Infopro
     
Loading...

Share This Page