Here is my CSF Logwatch

tooheys

Registered
Aug 16, 2008
2
0
51
Should i be concerned about any of this??

THANKS


################### Logwatch 7.3 (03/24/06) ####################
Processing Initiated: Sun Feb 8 04:02:04 2009
Date Range Processed: yesterday
( 2009-Feb-07 )
Period is day.
Detail Level of Output: 0
Type of Output: unformatted
Logfiles for Host: ****
##################################################################

--------------------- iptables firewall Begin ------------------------

Logged 108 packets on interface eth0
From 24.60.4.219 - 1 packet to udp(12342)
From 58.65.193.149 - 2 packets to tcp(23)
From 58.179.200.101 - 2 packets to tcp(23)
From 59.81.64.229 - 3 packets to udp(1434)
From 60.191.250.25 - 1 packet to udp(1434)
From 61.142.83.117 - 3 packets to tcp(90)
From 61.152.91.182 - 1 packet to tcp(8080)
From 61.160.213.214 - 9 packets to tcp(8088,8090)
From 66.229.91.230 - 4 packets to udp(12342)
From 66.252.62.216 - 1 packet to udp(12342)
From 67.10.112.254 - 3 packets to udp(12342)
From 68.56.167.251 - 1 packet to udp(12342)
From 68.94.99.186 - 1 packet to udp(12342)
From 69.124.197.236 - 1 packet to udp(12342)
From 70.80.252.177 - 1 packet to udp(12342)
From 76.16.25.208 - 2 packets to udp(12342)
From 76.71.141.157 - 2 packets to udp(12342)
From 85.71.96.223 - 1 packet to tcp(23)
From 88.163.196.44 - 1 packet to udp(12342)
From 90.32.54.33 - 2 packets to tcp(23)
From 98.220.157.115 - 2 packets to udp(12342)
From 114.168.119.248 - 2 packets to udp(12342)
From 115.73.199.213 - 2 packets to tcp(23)
From 115.75.160.227 - 2 packets to tcp(23)
From 116.71.186.107 - 2 packets to tcp(23)
From 117.103.192.49 - 3 packets to udp(1434)
From 119.30.100.185 - 2 packets to tcp(23)
From 121.97.223.114 - 1 packet to udp(12342)
From 122.3.25.51 - 3 packets to udp(12342)
From 123.254.43.140 - 2 packets to udp(1434)
From 125.64.17.179 - 3 packets to udp(1434)
From 125.212.12.95 - 2 packets to udp(12342)
From 151.56.64.199 - 2 packets to udp(12342)
From 173.69.144.17 - 1 packet to udp(12342)
From 201.122.14.213 - 1 packet to udp(12342)
From 202.69.177.90 - 1 packet to udp(12342)
From 202.101.118.195 - 3 packets to tcp(81)
From 202.101.165.202 - 3 packets to udp(1434)
From 206.74.74.150 - 1 packet to udp(12342)
From 210.3.247.117 - 1 packet to udp(1434)
From 211.167.39.241 - 3 packets to tcp(1433)
From 216.81.36.194 - 3 packets to udp(12342)
From 218.9.148.118 - 2 packets to tcp(8080)
From 218.22.244.42 - 3 packets to udp(1434)
From 218.89.137.11 - 2 packets to udp(1434)
From 218.98.106.53 - 1 packet to udp(1434)
From 218.98.192.8 - 1 packet to udp(1434)
From 218.180.134.67 - 2 packets to udp(12342)
From 219.139.130.139 - 3 packets to udp(1434)
From 220.180.135.70 - 1 packet to udp(1434)
From 221.143.42.188 - 3 packets to tcp(1433)
From 222.73.204.130 - 3 packets to tcp(1433)

Logged 5 packets on interface eth1
From 10.88.113.87 - 5 packets to udp(5353)

---------------------- iptables firewall End -------------------------


--------------------- pam_unix Begin ------------------------

sshd:
Authentication Failures:
unknown (84-16-234-189.internetserviceteam.com): 4 Time(s)
Invalid Users:
Unknown Account: 4 Time(s)


---------------------- pam_unix End -------------------------


--------------------- SSHD Begin ------------------------


Illegal users from:
84.16.234.189 (84-16-234-189.internetserviceteam.com): 4 times


Received disconnect:
11: Bye Bye : 3 Time(s)

**Unmatched Entries**
pam_succeed_if(sshd:auth): error retrieving information about user grupo2 : 1 time(s)
pam_succeed_if(sshd:auth): error retrieving information about user estudiante : 3 time(s)

---------------------- SSHD End -------------------------




###################### Logwatch End #########################
 

Infopro

Well-Known Member
May 20, 2003
17,076
524
613
Pennsylvania
cPanel Access Level
Root Administrator
Twitter
You might want to upgrade your logwatch. http://www.logwatch.org/tabs/download/

It is not CSF logwatch.

In CSF you can disable packets if you like.

If your default port number for SSH is 22, you should dig up instructions to change that on the forums here.

That logwatch report is the bare minimum. "Detail Level of Output: 0"

You can set that higher in logwatch if you like.
http://www.logwatch.org/tabs/docs/logwatch.8.html#lbAE


Should i be concerned about any of this??
I don't see any real issues, no.