Linux vps-61133.fhnet.fr 4.9.0-19-amd64 #1 SMP Debian 4.9.320-2 (2022-06-30) x86_64
Apache/2.4.25 (Debian)
Server IP : 93.113.207.21 & Your IP : 216.73.216.112
Domains :
Cant Read [ /etc/named.conf ]
User : www-data
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
usr /
share /
logwatch /
scripts /
services /
Delete
Unzip
Name
Size
Permission
Date
Action
afpd
3.84
KB
-rwxr-xr-x
2017-01-21 17:44
amavis
176.48
KB
-rwxr-xr-x
2017-01-21 17:44
arpwatch
1.43
KB
-rwxr-xr-x
2017-01-21 17:44
audit
15.59
KB
-rwxr-xr-x
2017-01-21 17:44
automount
5.24
KB
-rwxr-xr-x
2017-01-21 17:44
autorpm
2.25
KB
-rwxr-xr-x
2017-01-21 17:44
barracuda
11.85
KB
-rwxr-xr-x
2017-01-21 17:44
bfd
2.2
KB
-rwxr-xr-x
2017-01-21 17:44
cisco
44.38
KB
-rwxr-xr-x
2016-07-26 19:43
citadel
58.58
KB
-rwxr-xr-x
2017-01-21 17:44
clam-update
6.93
KB
-rwxr-xr-x
2017-01-21 17:44
clamav
6.17
KB
-rwxr-xr-x
2017-01-21 17:44
clamav-milter
4.17
KB
-rwxr-xr-x
2017-01-21 17:44
courier
23.28
KB
-rwxr-xr-x
2017-01-21 17:44
cron
12.58
KB
-rwxr-xr-x
2017-01-21 17:44
denyhosts
1.75
KB
-rwxr-xr-x
2017-01-21 17:44
dhcpd
11
KB
-rwxr-xr-x
2017-01-21 17:44
dirsrv
4.85
KB
-rwxr-xr-x
2017-01-21 17:44
dnssec
4.99
KB
-rwxr-xr-x
2017-01-21 17:44
dovecot
24.72
KB
-rwxr-xr-x
2017-01-21 17:44
dpkg
3.21
KB
-rwxr-xr-x
2017-01-21 17:44
emerge
4.44
KB
-rwxr-xr-x
2017-01-21 17:44
evtapplication
5.92
KB
-rwxr-xr-x
2017-01-21 17:44
evtsecurity
12.7
KB
-rwxr-xr-x
2017-01-21 17:44
evtsystem
14.95
KB
-rwxr-xr-x
2017-01-21 17:44
exim
24.79
KB
-rwxr-xr-x
2017-01-21 17:44
eximstats
1.91
KB
-rwxr-xr-x
2017-01-21 17:44
extreme-networks
10.91
KB
-rwxr-xr-x
2017-01-21 17:44
fail2ban
9.98
KB
-rwxr-xr-x
2017-01-21 17:44
fetchmail
3.53
KB
-rwxr-xr-x
2017-01-21 17:44
freeradius
10.22
KB
-rwxr-xr-x
2017-01-21 17:44
ftpd-messages
7.67
KB
-rwxr-xr-x
2017-01-21 17:44
ftpd-xferlog
6.18
KB
-rwxr-xr-x
2017-01-21 17:44
http
23.73
KB
-rwxr-xr-x
2017-01-21 17:44
http-error
4.22
KB
-rwxr-xr-x
2016-07-26 19:43
identd
5.54
KB
-rwxr-xr-x
2017-01-21 17:44
imapd
11.15
KB
-rwxr-xr-x
2017-01-21 17:44
in.qpopper
4.84
KB
-rwxr-xr-x
2017-01-21 17:44
init
3.48
KB
-rwxr-xr-x
2017-01-21 17:44
ipop3d
4.08
KB
-rwxr-xr-x
2017-01-21 17:44
iptables
14.96
KB
-rwxr-xr-x
2017-01-21 17:44
kernel
10.56
KB
-rwxr-xr-x
2017-01-21 17:44
knockd
2.8
KB
-rwxr-xr-x
2017-01-21 17:44
lvm
3.12
KB
-rwxr-xr-x
2017-01-21 17:44
mailscanner
27.15
KB
-rwxr-xr-x
2017-01-21 17:44
mdadm
4.58
KB
-rwxr-xr-x
2017-01-21 17:44
mod_security2
7.82
KB
-rwxr-xr-x
2017-01-21 17:44
modprobe
4.17
KB
-rwxr-xr-x
2017-01-21 17:44
mountd
4.35
KB
-rwxr-xr-x
2017-01-21 17:44
mysql
4.52
KB
-rwxr-xr-x
2017-01-21 17:44
mysql-mmm
4.84
KB
-rwxr-xr-x
2017-01-21 17:44
named
31.26
KB
-rwxr-xr-x
2017-01-21 17:44
netopia
14.98
KB
-rwxr-xr-x
2017-01-21 17:44
netscreen
20.63
KB
-rwxr-xr-x
2017-01-21 17:44
oidentd
5.47
KB
-rwxr-xr-x
2017-01-21 17:44
omsa
2.59
KB
-rwxr-xr-x
2017-01-21 17:44
openvpn
13.68
KB
-rwxr-xr-x
2017-01-21 17:44
pam
1.86
KB
-rwxr-xr-x
2017-01-21 17:44
pam_pwdb
7.84
KB
-rwxr-xr-x
2017-01-21 17:44
pam_unix
16.03
KB
-rwxr-xr-x
2017-01-21 17:44
php
5.1
KB
-rwxr-xr-x
2017-01-21 17:44
pix
13.29
KB
-rwxr-xr-x
2017-01-21 17:44
pluto
11.97
KB
-rwxr-xr-x
2017-01-21 17:44
pop3
15.18
KB
-rwxr-xr-x
2017-01-21 17:44
portsentry
5
KB
-rwxr-xr-x
2017-01-21 17:44
postfix
241.59
KB
-rwxr-xr-x
2017-01-21 17:44
postgresql
5.39
KB
-rwxr-xr-x
2017-01-21 17:44
pound
3.52
KB
-rwxr-xr-x
2017-01-21 17:44
proftpd-messages
10.6
KB
-rwxr-xr-x
2017-01-21 17:44
puppet
10.37
KB
-rwxr-xr-x
2016-07-26 19:43
pureftpd
8.17
KB
-rwxr-xr-x
2017-01-21 17:44
qmail
5.73
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-pop3d
4.43
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-pop3ds
3.98
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-send
19.63
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-smtpd
56.05
KB
-rwxr-xr-x
2017-01-21 17:44
raid
1.73
KB
-rwxr-xr-x
2017-01-21 17:44
resolver
3.43
KB
-rwxr-xr-x
2017-01-21 17:44
rsnapshot
3.33
KB
-rwxr-xr-x
2017-01-21 17:44
rsyslogd
1.79
KB
-rwxr-xr-x
2016-07-26 19:43
rt314
4.43
KB
-rwxr-xr-x
2017-01-21 17:44
samba
25.63
KB
-rwxr-xr-x
2017-01-21 17:44
saslauthd
4.06
KB
-rwxr-xr-x
2017-01-21 17:44
scsi
3.34
KB
-rwxr-xr-x
2017-01-21 17:44
secure
41.04
KB
-rwxr-xr-x
2017-01-21 17:44
sendmail
92.27
KB
-rwxr-xr-x
2017-01-21 17:44
sendmail-largeboxes
2.51
KB
-rwxr-xr-x
2017-01-21 17:44
shaperd
5.64
KB
-rwxr-xr-x
2017-01-21 17:44
slon
4.61
KB
-rwxr-xr-x
2017-01-21 17:44
smartd
16.1
KB
-rwxr-xr-x
2017-01-21 17:44
sonicwall
25
KB
-rwxr-xr-x
2017-01-21 17:44
spamassassin
7.56
KB
-rwxr-xr-x
2016-07-26 19:43
sshd
30.98
KB
-rwxr-xr-x
2017-01-21 17:44
sshd2
2.02
KB
-rwxr-xr-x
2017-01-21 17:44
sssd
2.45
KB
-rwxr-xr-x
2017-01-21 17:44
stunnel
5.61
KB
-rwxr-xr-x
2016-07-26 19:43
sudo
6.01
KB
-rwxr-xr-x
2017-01-21 17:44
syslog-ng
20.61
KB
-rwxr-xr-x
2017-01-21 17:44
syslogd
1.98
KB
-rwxr-xr-x
2017-01-21 17:44
systemd
7.53
KB
-rwxr-xr-x
2017-01-21 17:44
tac_acc
4.12
KB
-rwxr-xr-x
2017-01-21 17:44
tivoli-smc
4.41
KB
-rwxr-xr-x
2016-07-26 19:43
up2date
4.79
KB
-rwxr-xr-x
2017-01-21 17:44
vdr
8.3
KB
-rwxr-xr-x
2017-01-21 17:44
vpopmail
3.48
KB
-rwxr-xr-x
2017-01-21 17:44
vsftpd
8.28
KB
-rwxr-xr-x
2017-01-21 17:44
windows
16.12
KB
-rwxr-xr-x
2017-01-21 17:44
xntpd
8.59
KB
-rwxr-xr-x
2017-01-21 17:44
yum
2.8
KB
-rwxr-xr-x
2017-01-21 17:44
zypp
2.48
KB
-rwxr-xr-x
2017-01-21 17:44
zz-disk_space
6.02
KB
-rwxr-xr-x
2017-01-21 17:44
zz-fortune
1.69
KB
-rwxr-xr-x
2017-01-21 17:44
zz-lm_sensors
1.82
KB
-rwxr-xr-x
2017-01-21 17:44
zz-network
12.79
KB
-rwxr-xr-x
2017-01-21 17:44
zz-runtime
1.66
KB
-rwxr-xr-x
2017-01-21 17:44
zz-sys
3.01
KB
-rwxr-xr-x
2017-01-21 17:44
zz-zfs
5.91
KB
-rwxr-xr-x
2017-01-21 17:44
Save
Rename
#!/usr/bin/perl ########################################################################## # freeradius logwatch filter # written by Jonas Marczona 28.12.2011 # ## Covered under the included MIT/X-Consortium License: ## http://www.opensource.org/licenses/mit-license.php ## All modifications and contributions by other persons to ## this script are assumed to have been donated to the ## Logwatch project and thus assume the above copyright ## and licensing terms. ########################################################################## $^W=1; use strict; my $Debug = $ENV{'LOGWATCH_DEBUG'} || 0; my $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0; my $DebugCounter = 0; if ( $Debug >= 5 ) { print STDERR "\n\nDEBUG: Inside freeradius Filter \n\n"; $DebugCounter = 1; } my %OtherList = (); my %loginsOk = (); my %wrongPassword = (); my %wrongUser = (); my %wrong_ip = (); my %invalidUser = (); my %discards = (); my %warnings = (); my %givingUps = (); my $killedChilds = 0; my $requests = 0; my $requests_duration = 0; my $ThisLine; while (defined($ThisLine = <STDIN>)) { if ( $Debug >= 5 ) { print STDERR "DEBUG($DebugCounter): $ThisLine"; $DebugCounter++; } chomp($ThisLine); if ( ( $ThisLine =~ /^F-TICKS/ ) || ( $ThisLine =~ /^Access-Request from/ ) || ( $ThisLine =~ /^ \.\.\. (?:closing|adding new) socket/ ) || ( $ThisLine =~ /^(?:SSL|TLS|rlm_(?:unix|eap|sql|radutmp)| TLS_accept| \[ldap\])/ ) || ( $ThisLine =~ /^Ready to process requests\.$/ ) || ( $ThisLine =~ /^Exiting normally\.$/ ) || ( $ThisLine =~ /^Loaded virtual server/ ) || ( $ThisLine =~ /^HUP - / ) || ( $ThisLine =~ /^Received HUP signal\.$/ ) || ( $ThisLine =~ /^ ?Module: Reloaded module/ ) ) { # ignore } # TD: Login OK: [user@example.com] (from client radius port 0) # TD: Login OK: [user@example.com] (from client radius port 9 cli 00-11-22-33-44-AA;eduroam via TLS tunnel) elsif ( my ($user) = ($ThisLine =~ m/^(?:Auth: )?Login OK: \[(.+)\] \(from client [^ ]* port \d{1,10}(?: cli [-0-9a-fA-F.:]+)?(?:;\w+)?(?: via TLS tunnel)?\)/) ) { $loginsOk{$user}++; } # TD: Login incorrect ( [ldap] User not found): [user@example.com] (from client radius port 13 cli 38-16-dd-aa-bb-cc via TLS tunnel) # TD: Login incorrect (mschap: External script says Logon failure (0xc000006d)): [user@example.com] (from client radius port 13 cli aa-bb-cc-11-22-33 via TLS tunnel) # TD: Login incorrect (TLS Alert write:fatal:handshake failure): [user@example.com] (from client radius port 13 cli aa-bb-cc-11-22-33) # TD: elsif ( my ($user, $ip) = ( $ThisLine =~ m/^(?:Auth: )?Login incorrect(?: \(.+\))?: \[(.*)\] \(from client [^ ]* port \d{1,10}(?: cli ([-0-9a-fA-F.:]+)(?:;\w+)?)?(?: via TLS tunnel)?\)/) ) { if (! $ip) { $ip = "*not named*"; } $wrongUser{$ip}{$user}++; $wrong_ip{$ip}++; } # TD: Login incorrect: [user@example.com] (from client radius port 175143 cli cc08.e051.a240) # TD: Login incorrect: [user@example.com] (from client radius1 port 0) elsif ( my ($user, $ip) = ($ThisLine =~ m/^(?:Auth: )?Login incorrect: \[(.+)\] \(from client [^ ]* port \d{1,10}(?: cli ([-0-9a-fA-F.:]+))?(?: via TLS tunnel)?\)/) ) { if (! $ip) { $ip = "*not named*"; } $wrongPassword{$ip}{$user}++; $wrong_ip{$ip}++; } # TD: Invalid user ( [ldap] Access Attribute denies access): [user@example.com] (from client radius port 13 cli aa-bb-cc-dd-ee-11 via TLS tunnel) # TD: Invalid user: [user@example.com] (from client <host> port 13 cli aa-bb-cc-dd-ee-11) elsif ( my ($reason, $user, $ip) = ($ThisLine =~ m/^(?:Auth: )?Invalid user(?: \(\s*(.+)\))?: \[(.+)\] \(from client [^ ]* port \d{1,10}(?: cli ([-0-9a-fA-F.:]+))?(?: via TLS tunnel)?\)/) ) { if (! $ip) { $ip = "*not named*"; } if (! $reason) { $reason = "*no reason*"; } $invalidUser{$reason}{$user}++; } # TD: Discarding duplicate request from client <host> port 47609 - ID: 182 due to unfinished request 12713766 # TD: Discarding conflicting packet from client <host> port 42221 - ID: 85 due to recent request 9008535. elsif ( my ($reason, $client) = ($ThisLine =~ /Discarding (duplicate request|conflicting packet) from client (\S+) port \d+ - ID: \d+ due to (unfinished|recent) request/) ) { $discards{$reason}{$client}++; } # TD: Received conflicting packet from client radius2 port 60612 - ID: 30 due to unfinished request 1136681. Giving up on old request. elsif ( my ($client) = ($ThisLine =~ /Received conflicting packet from client ([^ ]+) port \d{1,10} - ID: \d+ due to unfinished request \d+/) ) { $givingUps{$client}++; } # TD: Child PID 57436 is taking too much time: forcing failure and killing child. elsif ( $ThisLine =~ m/Child PID \d+ is taking too much time: forcing failure and killing child/ ) { $killedChilds++; } # TD: Request 67678577 has been waiting in the processing queue for 378 seconds. Check that all databases are running properly! elsif ($ThisLine =~ m/^Request \d+ has been waiting in the processing queue for (\d+) seconds/) { $requests++; $requests_duration += $1; } # TD: WARNING: Unresponsive child for request 4737598, in component accounting module unix # TD: WARNING: Child is hung for request 4737598 in component accounting module unix. elsif ( $ThisLine =~ m/^WARNING: (Unresponsive child|Child is hung) for request \d+,? in component ([<>\w]+) module ?([<>\w]*)/ ) { $warnings{"$1 in component:"}{"$2 [module: $3]"}++; } # TD: WARNING: Allowing fast client radius2 port 60612 - ID: 102 for recent request 9035637. elsif ( $ThisLine =~ m/^WARNING: (Allowing fast client) ([^ ]+) port \d{1,10} - ID: \d+/ ) { $warnings{"${1}s:"}{$2}++; } else { # Report any unmatched entries... $OtherList{$ThisLine}++; } } ################################# # Output section ################################ if ($requests > 0) { printf "Long running requests: Check that all databases are running properly!\n"; printf " %-40s : %5d\n", 'Long running requests', $requests; printf " %-40s : %5d s\n", 'avg queue time per long running request', $requests_duration / $requests; print "\n"; } sub compPerIp { return $wrong_ip{$b} <=> $wrong_ip{$a}; } if (keys %loginsOk) { if ($Detail >= 10) { print "\nSuccessful logins:\n"; foreach my $user (sort {$loginsOk{$b} <=> $loginsOk{$a}} keys %loginsOk) { printf " %-40s : %5d time(s)\n", $user, $loginsOk{$user}; } } elsif ($Detail >= 6) { my $loginsOkSum = 0; foreach my $user (keys %loginsOk) { $loginsOkSum += $loginsOk{$user}; } printf "\n%-42s : %5d time(s)\n", "Successful logins", $loginsOkSum; } } if ($Detail >= 8) { if (keys %wrong_ip) { print "\nSum of failed logins per ip (wrong password or user)\n"; foreach my $ip (sort compPerIp keys %wrong_ip) { printf " %-40s : %5d time(s)\n", $ip, $wrong_ip{$ip}; } } } if (keys %wrongUser) { if ($Detail >= 6) { print "\nFailed logins - wrong user name:\n"; foreach my $ip (sort compPerIp keys %wrongUser) { printf " %-40s\n", $ip; my $users = $wrongUser{$ip}; foreach my $user (sort {$users->{$b} <=> $users->{$a}} keys %$users) { printf " %-38s : %5d time(s)\n", $user, $users->{$user}; } } } else { my $userSum = 0; foreach my $ip (keys %wrongUser) { my $users = $wrongUser{$ip}; foreach my $user (keys %$users) { $userSum += $users->{$user}; } } printf "\n%-42s : %5d time(s)\n", "Failed logins - wrong user name", $userSum; } } if (keys %wrongPassword) { if ($Detail >= 6) { print "\nFailed logins - wrong password:\n"; foreach my $ip (sort compPerIp keys %wrongPassword) { my $users = $wrongPassword{$ip}; printf " %-40s\n", $ip ; foreach my $user (sort {$users->{$b} <=> $users->{$a}} keys %$users) { #print " $user ", $users->{$user}, " time(s)\n"; printf " %-38s : %5d time(s)\n", $user, $users->{$user}; } } } else { my $wrongPasswordSum = 0; foreach my $ip (%wrongPassword) { my $users = $wrongPassword{$ip}; foreach my $user (keys %$users) { $wrongPasswordSum += $users->{$user}; } } printf "\n%-42s : %5d time(s)\n", "Failed logins - wrong password", $wrongPasswordSum; } } if (keys %invalidUser) { if ($Detail >= 6) { print "\nInvalid User:\n"; foreach my $reason (keys %invalidUser) { my $users = $invalidUser{$reason}; printf " %-40s\n", $reason; foreach my $user (sort {$users->{$b} <=> $users->{$a}} keys %$users) { printf " %-38s : %5d time(s)\n", $user, $users->{$user}; } } } else { my $invalidUserSum = 0; foreach my $reason (keys %invalidUser) { my $users = $invalidUser{$reason}; foreach my $user (keys %$users) { $invalidUserSum += $users->{$user}; } } printf "\n%-42s : %5d time(s)\n", "Invalid Users", $invalidUserSum; } } if (keys %discards) { print "\nDiscards:\n"; foreach my $reason (keys %discards) { my $clients = $discards{$reason}; printf " %-40s\n", $reason; foreach my $client (keys %$clients) { printf " %-38s : %5d time(s)\n", $client, $clients->{$client}; } } } if (keys %givingUps) { print "\nGiving up on old requests:\n"; foreach my $client (keys %givingUps) { printf " %-40s : %5d time(s)\n", $client, $givingUps{$client}; } } if ($killedChilds) { printf "\n%-42s : %5d time(s)\n", "Killed Childs (taking too much time)", $killedChilds; } if (%warnings) { print "\nWarnings:\n"; foreach my $warning (keys %warnings) { my $components = $warnings{$warning}; printf " %-40s\n", $warning; foreach my $component (keys %$components) { printf " %-38s : %5d time(s)\n", $component, $components->{$component}; } } } if (keys %OtherList) { print "\n**** Unmatched entries ****\n"; foreach (keys %OtherList) { print " $_ : $OtherList{$_} Time(s)\n"; } } exit(0); # vi: shiftwidth=3 tabstop=3 syntax=perl et