Linux vps-61133.fhnet.fr 4.9.0-19-amd64 #1 SMP Debian 4.9.320-2 (2022-06-30) x86_64
Apache/2.4.25 (Debian)
Server IP : 93.113.207.21 & Your IP : 216.73.216.112
Domains :
Cant Read [ /etc/named.conf ]
User : www-data
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
usr /
share /
logwatch /
scripts /
services /
Delete
Unzip
Name
Size
Permission
Date
Action
afpd
3.84
KB
-rwxr-xr-x
2017-01-21 17:44
amavis
176.48
KB
-rwxr-xr-x
2017-01-21 17:44
arpwatch
1.43
KB
-rwxr-xr-x
2017-01-21 17:44
audit
15.59
KB
-rwxr-xr-x
2017-01-21 17:44
automount
5.24
KB
-rwxr-xr-x
2017-01-21 17:44
autorpm
2.25
KB
-rwxr-xr-x
2017-01-21 17:44
barracuda
11.85
KB
-rwxr-xr-x
2017-01-21 17:44
bfd
2.2
KB
-rwxr-xr-x
2017-01-21 17:44
cisco
44.38
KB
-rwxr-xr-x
2016-07-26 19:43
citadel
58.58
KB
-rwxr-xr-x
2017-01-21 17:44
clam-update
6.93
KB
-rwxr-xr-x
2017-01-21 17:44
clamav
6.17
KB
-rwxr-xr-x
2017-01-21 17:44
clamav-milter
4.17
KB
-rwxr-xr-x
2017-01-21 17:44
courier
23.28
KB
-rwxr-xr-x
2017-01-21 17:44
cron
12.58
KB
-rwxr-xr-x
2017-01-21 17:44
denyhosts
1.75
KB
-rwxr-xr-x
2017-01-21 17:44
dhcpd
11
KB
-rwxr-xr-x
2017-01-21 17:44
dirsrv
4.85
KB
-rwxr-xr-x
2017-01-21 17:44
dnssec
4.99
KB
-rwxr-xr-x
2017-01-21 17:44
dovecot
24.72
KB
-rwxr-xr-x
2017-01-21 17:44
dpkg
3.21
KB
-rwxr-xr-x
2017-01-21 17:44
emerge
4.44
KB
-rwxr-xr-x
2017-01-21 17:44
evtapplication
5.92
KB
-rwxr-xr-x
2017-01-21 17:44
evtsecurity
12.7
KB
-rwxr-xr-x
2017-01-21 17:44
evtsystem
14.95
KB
-rwxr-xr-x
2017-01-21 17:44
exim
24.79
KB
-rwxr-xr-x
2017-01-21 17:44
eximstats
1.91
KB
-rwxr-xr-x
2017-01-21 17:44
extreme-networks
10.91
KB
-rwxr-xr-x
2017-01-21 17:44
fail2ban
9.98
KB
-rwxr-xr-x
2017-01-21 17:44
fetchmail
3.53
KB
-rwxr-xr-x
2017-01-21 17:44
freeradius
10.22
KB
-rwxr-xr-x
2017-01-21 17:44
ftpd-messages
7.67
KB
-rwxr-xr-x
2017-01-21 17:44
ftpd-xferlog
6.18
KB
-rwxr-xr-x
2017-01-21 17:44
http
23.73
KB
-rwxr-xr-x
2017-01-21 17:44
http-error
4.22
KB
-rwxr-xr-x
2016-07-26 19:43
identd
5.54
KB
-rwxr-xr-x
2017-01-21 17:44
imapd
11.15
KB
-rwxr-xr-x
2017-01-21 17:44
in.qpopper
4.84
KB
-rwxr-xr-x
2017-01-21 17:44
init
3.48
KB
-rwxr-xr-x
2017-01-21 17:44
ipop3d
4.08
KB
-rwxr-xr-x
2017-01-21 17:44
iptables
14.96
KB
-rwxr-xr-x
2017-01-21 17:44
kernel
10.56
KB
-rwxr-xr-x
2017-01-21 17:44
knockd
2.8
KB
-rwxr-xr-x
2017-01-21 17:44
lvm
3.12
KB
-rwxr-xr-x
2017-01-21 17:44
mailscanner
27.15
KB
-rwxr-xr-x
2017-01-21 17:44
mdadm
4.58
KB
-rwxr-xr-x
2017-01-21 17:44
mod_security2
7.82
KB
-rwxr-xr-x
2017-01-21 17:44
modprobe
4.17
KB
-rwxr-xr-x
2017-01-21 17:44
mountd
4.35
KB
-rwxr-xr-x
2017-01-21 17:44
mysql
4.52
KB
-rwxr-xr-x
2017-01-21 17:44
mysql-mmm
4.84
KB
-rwxr-xr-x
2017-01-21 17:44
named
31.26
KB
-rwxr-xr-x
2017-01-21 17:44
netopia
14.98
KB
-rwxr-xr-x
2017-01-21 17:44
netscreen
20.63
KB
-rwxr-xr-x
2017-01-21 17:44
oidentd
5.47
KB
-rwxr-xr-x
2017-01-21 17:44
omsa
2.59
KB
-rwxr-xr-x
2017-01-21 17:44
openvpn
13.68
KB
-rwxr-xr-x
2017-01-21 17:44
pam
1.86
KB
-rwxr-xr-x
2017-01-21 17:44
pam_pwdb
7.84
KB
-rwxr-xr-x
2017-01-21 17:44
pam_unix
16.03
KB
-rwxr-xr-x
2017-01-21 17:44
php
5.1
KB
-rwxr-xr-x
2017-01-21 17:44
pix
13.29
KB
-rwxr-xr-x
2017-01-21 17:44
pluto
11.97
KB
-rwxr-xr-x
2017-01-21 17:44
pop3
15.18
KB
-rwxr-xr-x
2017-01-21 17:44
portsentry
5
KB
-rwxr-xr-x
2017-01-21 17:44
postfix
241.59
KB
-rwxr-xr-x
2017-01-21 17:44
postgresql
5.39
KB
-rwxr-xr-x
2017-01-21 17:44
pound
3.52
KB
-rwxr-xr-x
2017-01-21 17:44
proftpd-messages
10.6
KB
-rwxr-xr-x
2017-01-21 17:44
puppet
10.37
KB
-rwxr-xr-x
2016-07-26 19:43
pureftpd
8.17
KB
-rwxr-xr-x
2017-01-21 17:44
qmail
5.73
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-pop3d
4.43
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-pop3ds
3.98
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-send
19.63
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-smtpd
56.05
KB
-rwxr-xr-x
2017-01-21 17:44
raid
1.73
KB
-rwxr-xr-x
2017-01-21 17:44
resolver
3.43
KB
-rwxr-xr-x
2017-01-21 17:44
rsnapshot
3.33
KB
-rwxr-xr-x
2017-01-21 17:44
rsyslogd
1.79
KB
-rwxr-xr-x
2016-07-26 19:43
rt314
4.43
KB
-rwxr-xr-x
2017-01-21 17:44
samba
25.63
KB
-rwxr-xr-x
2017-01-21 17:44
saslauthd
4.06
KB
-rwxr-xr-x
2017-01-21 17:44
scsi
3.34
KB
-rwxr-xr-x
2017-01-21 17:44
secure
41.04
KB
-rwxr-xr-x
2017-01-21 17:44
sendmail
92.27
KB
-rwxr-xr-x
2017-01-21 17:44
sendmail-largeboxes
2.51
KB
-rwxr-xr-x
2017-01-21 17:44
shaperd
5.64
KB
-rwxr-xr-x
2017-01-21 17:44
slon
4.61
KB
-rwxr-xr-x
2017-01-21 17:44
smartd
16.1
KB
-rwxr-xr-x
2017-01-21 17:44
sonicwall
25
KB
-rwxr-xr-x
2017-01-21 17:44
spamassassin
7.56
KB
-rwxr-xr-x
2016-07-26 19:43
sshd
30.98
KB
-rwxr-xr-x
2017-01-21 17:44
sshd2
2.02
KB
-rwxr-xr-x
2017-01-21 17:44
sssd
2.45
KB
-rwxr-xr-x
2017-01-21 17:44
stunnel
5.61
KB
-rwxr-xr-x
2016-07-26 19:43
sudo
6.01
KB
-rwxr-xr-x
2017-01-21 17:44
syslog-ng
20.61
KB
-rwxr-xr-x
2017-01-21 17:44
syslogd
1.98
KB
-rwxr-xr-x
2017-01-21 17:44
systemd
7.53
KB
-rwxr-xr-x
2017-01-21 17:44
tac_acc
4.12
KB
-rwxr-xr-x
2017-01-21 17:44
tivoli-smc
4.41
KB
-rwxr-xr-x
2016-07-26 19:43
up2date
4.79
KB
-rwxr-xr-x
2017-01-21 17:44
vdr
8.3
KB
-rwxr-xr-x
2017-01-21 17:44
vpopmail
3.48
KB
-rwxr-xr-x
2017-01-21 17:44
vsftpd
8.28
KB
-rwxr-xr-x
2017-01-21 17:44
windows
16.12
KB
-rwxr-xr-x
2017-01-21 17:44
xntpd
8.59
KB
-rwxr-xr-x
2017-01-21 17:44
yum
2.8
KB
-rwxr-xr-x
2017-01-21 17:44
zypp
2.48
KB
-rwxr-xr-x
2017-01-21 17:44
zz-disk_space
6.02
KB
-rwxr-xr-x
2017-01-21 17:44
zz-fortune
1.69
KB
-rwxr-xr-x
2017-01-21 17:44
zz-lm_sensors
1.82
KB
-rwxr-xr-x
2017-01-21 17:44
zz-network
12.79
KB
-rwxr-xr-x
2017-01-21 17:44
zz-runtime
1.66
KB
-rwxr-xr-x
2017-01-21 17:44
zz-sys
3.01
KB
-rwxr-xr-x
2017-01-21 17:44
zz-zfs
5.91
KB
-rwxr-xr-x
2017-01-21 17:44
Save
Rename
#!/usr/bin/perl ########################################################################## # $Id$ ########################################################################## ##################################################### ## Copyright (c) 2008 Kirk Bauer ## Covered under the included MIT/X-Consortium License: ## http://www.opensource.org/licenses/mit-license.php ## All modifications and contributions by other persons to ## this script are assumed to have been donated to the ## Logwatch project and thus assume the above copyright ## and licensing terms. If you want to make contributions ## under your own copyright or a different license this ## must be explicitly stated in the contribution an the ## Logwatch project reserves the right to not accept such ## contributions. If you have made significant ## contributions to this script and want to claim ## copyright please contact logwatch-devel@lists.sourceforge.net. ######################################################### # NOTE: This script is for older (6.X era) Red Hat boxes $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0; while (defined($ThisLine = <STDIN>)) { if ( ( $ThisLine =~ /(.*) session closed for user .*$/ ) or ( $ThisLine =~ /^Logout user .* host .*$/ ) or ( $ThisLine =~ /^log: Password authentication/ ) or # apparently SSHD messages ( $ThisLine =~ /^log: Closing connection/ ) or # apparently SSHD messages ( $ThisLine =~ /^check pass; user unknown/ ) or ( $ThisLine =~ /^User account has expired/ ) or # This one is caught below (2-line message) ( $ThisLine =~ /^get passwd; pwdb: structure is no longer valid$/) or ( $ThisLine =~ /^fatal: Read error from remote host: Connection reset by peer$/) or ( $ThisLine =~ /^new password not acceptable$/ ) or ( $ThisLine =~ /^FTP session closed$/) or ( $ThisLine =~ /^FTP LOGIN REFUSED/) or ( $ThisLine =~ /^FAILED LOGIN SESSION FROM \S+ FOR , Error in service module/) or ( $ThisLine =~ /^FTP LOGIN FROM/ ) # I will let ftpd handle FTP messages.... ) { # We don't care about these } elsif ( $ThisLine =~ /password for \(.*\) changed by \(.*\)$/ ) { chomp($ThisLine); push @PWChanges, $ThisLine; } elsif ( ($RemoteHost,$User) = ( $ThisLine =~ /^failed login from ([^ ]+) \[.*\], ([^ ]+)$/) or ($RemoteHost,$User) = ( $ThisLine =~ /^Login failure user=(\S+) host=([^ ]+)$/) ) { chomp ($User); push @{$FailedLogins{$RemoteHost}}, $User; } elsif ( $ThisLine =~ s/auth could not identify password for \[([^ ]+)\]$/$1/ ) { chomp ($ThisLine); $CouldNotIDPW{$ThisLine}++; } elsif ( $ThisLine =~ s/^expiry check failed for \'([^ ]+)\'/$1/ ) { # user account expired? chomp($ThisLine); push @Expired, $ThisLine; } elsif ( $ThisLine =~ s/bad username \[(.*)\]$/$1/ ) { chomp($ThisLine); push @BadName, $ThisLine; } elsif ( ($StartName,$StartUID,$EndName,$ServiceName) = ( $ThisLine =~ m/authentication failure.*; ([^ ]*)\(uid=(\d+)\) -> ([^ ]+) for ([^ ]+) service$/ ) ) { $StartName = " " if (!$StartName); $ThisKey = $StartName . "(uid=" . $StartUID . ") -> " . $EndName; $AuthFailures{$ThisKey}{$ServiceName}++; } elsif ( ($Num,$StartName,$StartUID,$EndName,$ServiceName) = ( $ThisLine =~ m/^(\d+) authentication failure.*; ([^ ]*)\(uid=(\d+)\) -> ([^ ]+) for ([^ ]+) service$/ ) ) { $StartName = " " if (!$StartName); $ThisKey = $StartName . "(uid=" . $StartUID . ") -> " . $EndName; $AuthFailures{$ThisKey}{$ServiceName}+=$Num; } elsif ( ($ThisKey,$ServiceName) = ( $ThisLine =~ /([^ ]+) authentication failed for ([^ ]+)$/ ) ) { chomp($ThisKey); chomp($ServiceName); $AuthFailures{$ThisKey}{$ServiceName}++; } elsif ( ($RemoteHost, $User) = ( $ThisLine =~ m/^FAILED LOGIN .* FROM ([^ ]+) FOR (.+), .*$/ ) ) { push @{$FailedLogins{$RemoteHost}}, $User; } elsif ( $ThisLine =~ s/^ROOT LOGIN ON ([^ ]+)/$1/ ) { chomp ($ThisLine); $RootLogins{$ThisLine}++; } elsif ( ($User,$From) = ( $ThisLine =~ /^LOGIN ON [^ ]+ BY ([^ ]+) FROM ([^ ]+)$/ ) or ($User,$From) = ( $ThisLine =~ /^Login user=([^ ]+) host=([^ ]+)$/ ) ) { chomp ($From); ${$RemoteLogins{$User}}{$From}++; } elsif ( $ThisLine =~ s/^LOGIN ON [^ ]+ BY ([^ ]+$)/$1/ ) { chomp ($ThisLine); $LocalLogins{$ThisLine}++; } elsif ( ($ServiceName,$StartName,$StartUID,$EndName) = ( $ThisLine =~ m/([^ ]+)\[[0-9]+\]:\s+authentication\s+failure;\s*logname=([^ ]+)\s+uid=([^ ]+).*user=([^ ]+)/ ) ) { $StartName = " " if (!$StartName); $ThisKey = $StartName . "(uid=" . $StartUID . ") -> " . $EndName; $AuthFailures{$ThisKey}{$ServiceName}++; } elsif ( ($Service, $User, $Orig) = ( $ThisLine =~ /^\((.*)\) session opened for user ([^ ]+) by (.*\(uid=.*\))/ ) ) { if (( $Service eq "su" ) and ($Orig =~ /[^ ]+\(uid=.*\)$/)) { $Temp = " " . $Orig . " -> " . $User; $SUList{$Temp}++; } else { ${$OpenedSessions{$Service}}{$User}++; } } else { # Report any unmatched entries... chomp($ThisLine); $OtherList{$ThisLine}++; } } if (keys %SUList) { print "\nSU Sessions:\n"; foreach $SU (keys %SUList) { print " " . $SU . " - " . $SUList{$SU} . " Time(s)\n"; } } if (($Detail >= 10) and (keys %CouldNotIDPW)) { print "\nCould not identify password for:\n"; foreach $User (keys %CouldNotIDPW) { print " " . $User . " - " . $CouldNotIDPW{$User} . " Time(s)\n"; } } if (@PWChanges) { print "\nPassword Changes:\n"; foreach $Change (@PWChanges) { print " " . $Change . "\n"; } } if (($Detail >= 5) and (@BadName)) { print "\nBad Usernames Received:\n"; foreach $User (@BadName) { print " " . $User . "\n"; } } if (@Expired) { print "\nExpired User Accounts:\n"; foreach $User (@Expired) { print " " . $User . "\n"; } } if (keys %OpenedSessions) { print "\nOpened Sessions:\n"; foreach $Service (keys %OpenedSessions) { print " Service: " . $Service . "\n"; foreach $User (keys %{$OpenedSessions{$Service}}) { print " User " . $User . " - " . ${$OpenedSessions{$Service}}{$User} . " Time(s)\n"; } } } if (keys %RemoteLogins) { print "\nRemote Logins:\n"; foreach $User (keys %RemoteLogins) { print " User " . $User . ":\n"; foreach $Remote (keys %{$RemoteLogins{$User}} ) { print " Remote Host " . $Remote . " - " . ${$RemoteLogins{$User}}{$Remote} . " Time(s)\n"; } } } if (keys %LocalLogins) { print "\nLocal Logins:\n"; foreach $User (keys %LocalLogins) { print " " . $User . " - " . $LocalLogins{$User} . " Time(s)\n"; } } if (keys %RootLogins) { print "\nRoot Logins:\n"; foreach $tty (keys %RootLogins) { print " " . $tty . ": " . $RootLogins{$tty} . " time(s)\n"; } } if (($Detail >= 5) and (keys %AuthFailures)) { print "\nAuthentication Failures:\n"; foreach $Users (keys %AuthFailures) { print " " . $Users . "\n"; foreach $Service (keys %{$AuthFailures{$Users}}) { print " Service: " . $Service . ": " . ${$AuthFailures{$Users}}{$Service} . " time(s)\n"; } } } if (($Detail >= 5) and (keys %FailedLogins)) { print "\nLogin Failures:\n"; foreach $RemoteHost (keys %FailedLogins) { print " " . $RemoteHost . ": "; foreach $User ( @{$FailedLogins{$RemoteHost}} ) { print $User . ", "; } print "\n"; } } if (keys %OtherList) { print "\n**Unmatched Entries**\n"; foreach $line (sort {$a cmp $b} keys %OtherList) { print "$line: $OtherList{$line} Time(s)\n"; } } exit(0); # vi: shiftwidth=3 tabstop=3 syntax=perl et # Local Variables: # mode: perl # perl-indent-level: 3 # indent-tabs-mode: nil # End: