Linux vps-61133.fhnet.fr 4.9.0-19-amd64 #1 SMP Debian 4.9.320-2 (2022-06-30) x86_64
Apache/2.4.25 (Debian)
Server IP : 93.113.207.21 & Your IP : 216.73.216.41
Domains :
Cant Read [ /etc/named.conf ]
User : www-data
Terminal
Auto Root
Create File
Create Folder
Localroot Suggester
Backdoor Destroyer
Readme
/
usr /
share /
logwatch /
scripts /
services /
Delete
Unzip
Name
Size
Permission
Date
Action
afpd
3.84
KB
-rwxr-xr-x
2017-01-21 17:44
amavis
176.48
KB
-rwxr-xr-x
2017-01-21 17:44
arpwatch
1.43
KB
-rwxr-xr-x
2017-01-21 17:44
audit
15.59
KB
-rwxr-xr-x
2017-01-21 17:44
automount
5.24
KB
-rwxr-xr-x
2017-01-21 17:44
autorpm
2.25
KB
-rwxr-xr-x
2017-01-21 17:44
barracuda
11.85
KB
-rwxr-xr-x
2017-01-21 17:44
bfd
2.2
KB
-rwxr-xr-x
2017-01-21 17:44
cisco
44.38
KB
-rwxr-xr-x
2016-07-26 19:43
citadel
58.58
KB
-rwxr-xr-x
2017-01-21 17:44
clam-update
6.93
KB
-rwxr-xr-x
2017-01-21 17:44
clamav
6.17
KB
-rwxr-xr-x
2017-01-21 17:44
clamav-milter
4.17
KB
-rwxr-xr-x
2017-01-21 17:44
courier
23.28
KB
-rwxr-xr-x
2017-01-21 17:44
cron
12.58
KB
-rwxr-xr-x
2017-01-21 17:44
denyhosts
1.75
KB
-rwxr-xr-x
2017-01-21 17:44
dhcpd
11
KB
-rwxr-xr-x
2017-01-21 17:44
dirsrv
4.85
KB
-rwxr-xr-x
2017-01-21 17:44
dnssec
4.99
KB
-rwxr-xr-x
2017-01-21 17:44
dovecot
24.72
KB
-rwxr-xr-x
2017-01-21 17:44
dpkg
3.21
KB
-rwxr-xr-x
2017-01-21 17:44
emerge
4.44
KB
-rwxr-xr-x
2017-01-21 17:44
evtapplication
5.92
KB
-rwxr-xr-x
2017-01-21 17:44
evtsecurity
12.7
KB
-rwxr-xr-x
2017-01-21 17:44
evtsystem
14.95
KB
-rwxr-xr-x
2017-01-21 17:44
exim
24.79
KB
-rwxr-xr-x
2017-01-21 17:44
eximstats
1.91
KB
-rwxr-xr-x
2017-01-21 17:44
extreme-networks
10.91
KB
-rwxr-xr-x
2017-01-21 17:44
fail2ban
9.98
KB
-rwxr-xr-x
2017-01-21 17:44
fetchmail
3.53
KB
-rwxr-xr-x
2017-01-21 17:44
freeradius
10.22
KB
-rwxr-xr-x
2017-01-21 17:44
ftpd-messages
7.67
KB
-rwxr-xr-x
2017-01-21 17:44
ftpd-xferlog
6.18
KB
-rwxr-xr-x
2017-01-21 17:44
http
23.73
KB
-rwxr-xr-x
2017-01-21 17:44
http-error
4.22
KB
-rwxr-xr-x
2016-07-26 19:43
identd
5.54
KB
-rwxr-xr-x
2017-01-21 17:44
imapd
11.15
KB
-rwxr-xr-x
2017-01-21 17:44
in.qpopper
4.84
KB
-rwxr-xr-x
2017-01-21 17:44
init
3.48
KB
-rwxr-xr-x
2017-01-21 17:44
ipop3d
4.08
KB
-rwxr-xr-x
2017-01-21 17:44
iptables
14.96
KB
-rwxr-xr-x
2017-01-21 17:44
kernel
10.56
KB
-rwxr-xr-x
2017-01-21 17:44
knockd
2.8
KB
-rwxr-xr-x
2017-01-21 17:44
lvm
3.12
KB
-rwxr-xr-x
2017-01-21 17:44
mailscanner
27.15
KB
-rwxr-xr-x
2017-01-21 17:44
mdadm
4.58
KB
-rwxr-xr-x
2017-01-21 17:44
mod_security2
7.82
KB
-rwxr-xr-x
2017-01-21 17:44
modprobe
4.17
KB
-rwxr-xr-x
2017-01-21 17:44
mountd
4.35
KB
-rwxr-xr-x
2017-01-21 17:44
mysql
4.52
KB
-rwxr-xr-x
2017-01-21 17:44
mysql-mmm
4.84
KB
-rwxr-xr-x
2017-01-21 17:44
named
31.26
KB
-rwxr-xr-x
2017-01-21 17:44
netopia
14.98
KB
-rwxr-xr-x
2017-01-21 17:44
netscreen
20.63
KB
-rwxr-xr-x
2017-01-21 17:44
oidentd
5.47
KB
-rwxr-xr-x
2017-01-21 17:44
omsa
2.59
KB
-rwxr-xr-x
2017-01-21 17:44
openvpn
13.68
KB
-rwxr-xr-x
2017-01-21 17:44
pam
1.86
KB
-rwxr-xr-x
2017-01-21 17:44
pam_pwdb
7.84
KB
-rwxr-xr-x
2017-01-21 17:44
pam_unix
16.03
KB
-rwxr-xr-x
2017-01-21 17:44
php
5.1
KB
-rwxr-xr-x
2017-01-21 17:44
pix
13.29
KB
-rwxr-xr-x
2017-01-21 17:44
pluto
11.97
KB
-rwxr-xr-x
2017-01-21 17:44
pop3
15.18
KB
-rwxr-xr-x
2017-01-21 17:44
portsentry
5
KB
-rwxr-xr-x
2017-01-21 17:44
postfix
241.59
KB
-rwxr-xr-x
2017-01-21 17:44
postgresql
5.39
KB
-rwxr-xr-x
2017-01-21 17:44
pound
3.52
KB
-rwxr-xr-x
2017-01-21 17:44
proftpd-messages
10.6
KB
-rwxr-xr-x
2017-01-21 17:44
puppet
10.37
KB
-rwxr-xr-x
2016-07-26 19:43
pureftpd
8.17
KB
-rwxr-xr-x
2017-01-21 17:44
qmail
5.73
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-pop3d
4.43
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-pop3ds
3.98
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-send
19.63
KB
-rwxr-xr-x
2017-01-21 17:44
qmail-smtpd
56.05
KB
-rwxr-xr-x
2017-01-21 17:44
raid
1.73
KB
-rwxr-xr-x
2017-01-21 17:44
resolver
3.43
KB
-rwxr-xr-x
2017-01-21 17:44
rsnapshot
3.33
KB
-rwxr-xr-x
2017-01-21 17:44
rsyslogd
1.79
KB
-rwxr-xr-x
2016-07-26 19:43
rt314
4.43
KB
-rwxr-xr-x
2017-01-21 17:44
samba
25.63
KB
-rwxr-xr-x
2017-01-21 17:44
saslauthd
4.06
KB
-rwxr-xr-x
2017-01-21 17:44
scsi
3.34
KB
-rwxr-xr-x
2017-01-21 17:44
secure
41.04
KB
-rwxr-xr-x
2017-01-21 17:44
sendmail
92.27
KB
-rwxr-xr-x
2017-01-21 17:44
sendmail-largeboxes
2.51
KB
-rwxr-xr-x
2017-01-21 17:44
shaperd
5.64
KB
-rwxr-xr-x
2017-01-21 17:44
slon
4.61
KB
-rwxr-xr-x
2017-01-21 17:44
smartd
16.1
KB
-rwxr-xr-x
2017-01-21 17:44
sonicwall
25
KB
-rwxr-xr-x
2017-01-21 17:44
spamassassin
7.56
KB
-rwxr-xr-x
2016-07-26 19:43
sshd
30.98
KB
-rwxr-xr-x
2017-01-21 17:44
sshd2
2.02
KB
-rwxr-xr-x
2017-01-21 17:44
sssd
2.45
KB
-rwxr-xr-x
2017-01-21 17:44
stunnel
5.61
KB
-rwxr-xr-x
2016-07-26 19:43
sudo
6.01
KB
-rwxr-xr-x
2017-01-21 17:44
syslog-ng
20.61
KB
-rwxr-xr-x
2017-01-21 17:44
syslogd
1.98
KB
-rwxr-xr-x
2017-01-21 17:44
systemd
7.53
KB
-rwxr-xr-x
2017-01-21 17:44
tac_acc
4.12
KB
-rwxr-xr-x
2017-01-21 17:44
tivoli-smc
4.41
KB
-rwxr-xr-x
2016-07-26 19:43
up2date
4.79
KB
-rwxr-xr-x
2017-01-21 17:44
vdr
8.3
KB
-rwxr-xr-x
2017-01-21 17:44
vpopmail
3.48
KB
-rwxr-xr-x
2017-01-21 17:44
vsftpd
8.28
KB
-rwxr-xr-x
2017-01-21 17:44
windows
16.12
KB
-rwxr-xr-x
2017-01-21 17:44
xntpd
8.59
KB
-rwxr-xr-x
2017-01-21 17:44
yum
2.8
KB
-rwxr-xr-x
2017-01-21 17:44
zypp
2.48
KB
-rwxr-xr-x
2017-01-21 17:44
zz-disk_space
6.02
KB
-rwxr-xr-x
2017-01-21 17:44
zz-fortune
1.69
KB
-rwxr-xr-x
2017-01-21 17:44
zz-lm_sensors
1.82
KB
-rwxr-xr-x
2017-01-21 17:44
zz-network
12.79
KB
-rwxr-xr-x
2017-01-21 17:44
zz-runtime
1.66
KB
-rwxr-xr-x
2017-01-21 17:44
zz-sys
3.01
KB
-rwxr-xr-x
2017-01-21 17:44
zz-zfs
5.91
KB
-rwxr-xr-x
2017-01-21 17:44
Save
Rename
#!/usr/bin/perl ########################################################################## # $Id$ ########################################################################## # $Log: proftpd-messages,v $ # Revision 1.27 2008/06/30 23:07:51 kirk # fixed copyright holders for files where I know who they should be # # Revision 1.26 2008/05/13 22:52:02 mike # Fix for debian bug 480761 -mgt # # Revision 1.25 2008/03/24 23:31:26 kirk # added copyright/license notice to each script # # Revision 1.24 2007/03/25 15:43:12 mike # Fixed BadShell bug, wrong hash name -mgt # # Revision 1.23 2007/03/25 15:31:40 mike # Added error and notice line reports, ignored chroot info -mgt # # Revision 1.22 2007/03/20 18:02:02 mike # More cleanups for both log formats, added secure log group and filtered plain no such user -mgt # # Revision 1.21 2007/03/16 21:10:12 mike # Some matching cleanups before the real work -mgt # # Revision 1.20 2005/12/30 18:40:30 bjorn # Filtering "masquerading" statements, and corrected bug submission string, # per B Wooster. # # Revision 1.19 2005/02/24 17:08:05 kirk # Applying consolidated patches from Mike Tremaine # # Revision 1.6 2005/02/13 22:50:46 mgt # patches from Pawel -mgt # # Revision 1.5 2005/02/13 20:28:42 mgt # More init corrections -mgt # # Revision 1.4 2004/07/29 19:33:29 mgt # Chmod and removed perl call -mgt # # Revision 1.3 2004/07/10 01:54:35 mgt # sync with kirk -mgt # # Revision 1.16 2004/02/03 02:45:26 kirk # Tons of patches, and new 'oidentd' and 'shaperd' filters from # Pawe? Go?aszewski" <blues@ds.pg.gda.pl> # ######################################################## # This was written by Simon Liddington for use with Logwatch # # Please send all comments, suggestions, bug reports, # etc, to logwatch-devel@lists.sourceforge.net ######################################################## ####################################################### ## Copyright (c) 2008 Simon Liddington ## Covered under the included MIT/X-Consortium License: ## http://www.opensource.org/licenses/mit-license.php ## All modifications and contributions by other persons to ## this script are assumed to have been donated to the ## Logwatch project and thus assume the above copyright ## and licensing terms. If you want to make contributions ## under your own copyright or a different license this ## must be explicitly stated in the contribution an the ## Logwatch project reserves the right to not accept such ## contributions. If you have made significant ## contributions to this script and want to claim ## copyright please contact logwatch-devel@lists.sourceforge.net. ######################################################### $Detail = $ENV{'LOGWATCH_DETAIL_LEVEL'} || 0; $IgnoreUnmatched = $ENV{'ftpd_ignore_unmatched'}; $NoEndpoints = 0; $UnmatchedEntries = 0; while (defined($ThisLine = <STDIN>)) { if ( ( $ThisLine =~ /^FTP session closed/ ) or ( $ThisLine =~ /^(ANONYMOUS )?FTP login as \'.*\' from [^ ]+ \[.*\] to .*/ ) or ( $ThisLine =~ /(PAM|pam_unix)\(.*\): [Aa]uthentication failure/ ) or ( $ThisLine =~ /(PAM|pam_unix)\(.*\): session (opened|closed) for user/ ) or ( $ThisLine =~ /^data_sendfile/ ) or ( $ThisLine =~ /(:| \-) FTP session (closed|opened)/ ) or ( $ThisLine =~ /(:| \-) No certificate files found/ ) or ( $ThisLine =~ /FTP (no transfer|session idle) timeout, disconnected/ ) or ( $ThisLine =~ / masquerading as / ) or ( $ThisLine =~ /mod_delay\// ) or ( $ThisLine =~ /FTP login timed out, disconnected/ ) or ( $ThisLine =~ /Preparing to chroot to directory/ ) or ( $ThisLine =~ /\(.*\[.*\]\)(\:| \-) no such user '.*'/ ) ) { #We don't care about these } elsif ( ($Host,$IP,$Email,) = ( $ThisLine =~ /^FTP session opened: ftp\/ftp (.*)\[(.*)\] (.*)$/ ) ) { $Temp = " " . $Host . " (" . $IP . "): " . $Email . " - "; $AnonLogins{$Temp}++; } elsif ( ($Host, $IP) = ( $ThisLine =~ /\((.*)\[(.*)\]\)(?:\:| \-) ANON .+: Login successful\./ ) ) { $Temp = " " . $Host . " (" . $IP . ")"; $AnonLogins{$Temp}++; } elsif ( ($User,$Host,$IP) = ( $ThisLine =~ /^FTP session opened: (.*\/.*) (.*)\[(.*)\] (.*)$/ ) ) { $Temp = " $Host : $User - "; $UserLogins{$Temp}++; } elsif ( ($Host,$IP,$User) = ( $ThisLine =~ /\((.*)\[(.*)\]\)(?:\:| \-) USER (.+): Login successful/ ) ) { $Temp = " " . $Host . ": " . $User . " - "; $UserLogins{$Temp}++; } elsif ( ($User) = ( $ThisLine =~ /^failed login, can\'t find user \'(.*)\' $/ ) ) { $Temp = " " . "Unknown" . " (" . "Unknown.IP" . "): " . $User . " - "; $BadUsers{$Temp}++; } elsif ( ($User,$Host,$IP) = ( $ThisLine =~ /USER (.*): no such user found from (.*) \[(.*)\] to/ ) ) { #$Temp = " $Host : $User - "; #$BadUsers{$Temp}++; $BadUsers{$User}{$Host}++; # } elsif ( ($Host,$Ip,$User) = ( $ThisLine =~ /\((.*)\[(.*)\]\)(?:\:| \-) no such user '(.*)'/ ) ) { # #$Temp = "$Host($Ip)"; # $BadUsers{$User}{$Host}++; } elsif ( ($Host,$User) = ( $ThisLine =~ /\[(.*)\]\)(?:\:| \-) USER (.*) \(Login failed\): Incorrect password/ ) ) { $Temp = " $Host : $User - "; $BadPasswds{$Temp}++; } elsif ( ($Host,$User) = ( $ThisLine =~ /\[(.*)\]\)(?:\:| \-) USER (.*) \(Login failed\): Invalid shell/ ) ) { $Temp = " $Host : $User - "; $BadShell{$Temp}++; } elsif ( ($Host,$Ip) = ( $ThisLine =~ /\((.*)\[(.*)\]\)(?:\:| \-) SECURITY VIOLATION: root login attempted/ ) ) { $RootLoginAttempt{$Host}++; } elsif ( ($Host) = ( $ThisLine =~ /\(((.*)\[(.*)\])\)(?:\:| \-) Maximum login attempts .*exceeded/ ) ) { $MaxLoginAttempts{$Host}++; } elsif ( ($Host,$Reason) = ( $ThisLine =~ /\[(.*)\]\)(?:\:| \-) Refused PORT [\d,]+ \((.*)\)/ ) ) { $Temp = " " . $Host . ": " . $Reason . " - "; $RefusedPorts{$Temp}++; } elsif ( ($Host,$Reason) = ( $ThisLine =~ /\(((.*)\[(.*)\])\)(?:\:| \-) Connection refused \((.*)\)/ ) ) { $ConnectionRefused{$Reason}{$Host}++; } elsif ( ($Host) = ( $ThisLine =~ /\(((.*)\[(.*)\])\)(?:\:| \-) Data transfer stall timeout/ ) ) { $TransferTimeout{$Host}++; } elsif ( $ThisLine =~ m/[^ ]*(?:\:| \-) Fatal: Transport endpoint is not connected/ ) { $NoEndpoints++; } elsif ( ($Option) = ( $ThisLine =~ /warning: (.*) is deprecated/ ) ) { $DeprecatedOptions{$Option}++; } elsif ( ($Host,$IP,$Error) = ( $ThisLine =~ /\((.*)\[(.*)\]\)(?:\:| \-) error: (.*)$/ ) ) { $ErrorLines{$Host}{$Error}++; } elsif ( ($Host,$IP,$Notice) = ( $ThisLine =~ /\((.*)\[(.*)\]\)(?:\:| \-) notice: (.*)$/ ) ) { $NoticeLines{$Host}{$Notice}++; } else { # Report any unmatched entries... push @OtherList,$ThisLine; } } ############################################## if (keys %DeprecatedOptions) { print "\nDeprecated options in config:\n"; foreach $Option (sort {$a cmp $b} keys %DeprecatedOptions) { print " $Option\n"; } } if ( (keys %AnonLogins) and ($Detail >= 5) ) { print "\nAnonymous FTP Logins:\n"; foreach $ThisOne (sort {$a cmp $b} keys %AnonLogins) { print $ThisOne . $AnonLogins{$ThisOne} . " Time(s)\n"; } } if ( (keys %DeletedFiles) and ($Detail >= 10) ) { print "\nFiles deleted through FTP:\n"; foreach $ThisOne (sort {$a cmp $b} keys %DeletedFiles) { print $ThisOne; print @{$DeletedFiles{$ThisOne}}; } } if (keys %UserLogins) { print "\nUser FTP Logins:\n"; foreach $ThisOne (sort {$a cmp $b} keys %UserLogins) { print $ThisOne . $UserLogins{$ThisOne} . " Time(s)\n"; } } if (keys %RootLoginAttempt) { print "\nSECURITY VIOLATION!!!!\n"; print "Root login attempt from:\n"; foreach $Host (sort {$a cmp $b} keys %RootLoginAttempt) { print " $Host : $RootLoginAttempt{$Host} Time(s)\n"; } } if (keys %MaxLoginAttempts) { print "\nMaximum login attempts exceeded from hosts:\n"; foreach $Host (sort {$a cmp $b} keys %MaxLoginAttempts) { print " $Host : $MaxLoginAttempts{$Host} Time(s)\n"; } } if (keys %ConnectionRefused) { print "\nConnection refused with reason:\n"; foreach $Reason (sort {$a cmp $b} keys %ConnectionRefused) { print " $Reason :\n"; foreach $Host (sort {$a cmp $b} keys %{$ConnectionRefused{$Reason}}) { print " $Host : $ConnectionRefused{$Reason}{$Host} Time(s)\n"; } } } if ( ( (keys %BadUsers) or (keys %BadPasswds) ) and ($Detail >= 5) ) { print "\nFailed FTP Logins:\n"; if ( (keys %BadUsers) and ($Detail >= 5) ) { print "\n Invalid Username:\n"; foreach $User (sort {$a cmp $b} keys %BadUsers) { print " $User:\n"; foreach $Host (sort {$a cmp $b} keys %{$BadUsers{$User}}) { print " $Host : $BadUsers{$User}{$Host} Time(s)\n"; } } } if ( (keys %BadPasswds) and ($Detail >= 5) ) { print "\n Incorrect Password:\n"; foreach $ThisOne (sort {$a cmp $b} keys %BadPasswds) { print $ThisOne . $BadPasswds{$ThisOne} . " Time(s)\n"; } } if ( (keys %BadShell) and ($Detail >= 5) ) { print "\n Invalid Shell:\n"; foreach $ThisOne (sort {$a cmp $b} keys %BadShell) { print $ThisOne . $BadShell{$ThisOne} . " Time(s)\n"; } } } if ( (keys %RefusedPorts) and ($Detail >= 5) ) { print "\nRefused PORTs:\n"; foreach $ThisOne (sort {$a cmp $b} keys %RefusedPorts) { print $ThisOne . $RefusedPorts{$ThisOne} . " Time(s)\n"; } } if ( (keys %TransferTimeout) and ($Detail >= 5) ) { print "\nData transfer stall timeout:\n"; foreach $Host (sort {$a cmp $b} keys %TransferTimeout) { print " $Host : $TransferTimeout{$Host} Time(s)\n"; } } if ( (keys %NoticeLines) and ($Detail >= 10) ) { print "\nNotices Reported by Host:\n"; foreach $Host (sort {$a cmp $b} keys %NoticeLines) { print " $Host:\n"; foreach $Notice (sort {$a cmp $b} keys %{$NoticeLines{$Host}}) { print " $Notices : $NoticeLines{$Host}{$Notice} Time(s)\n"; } } } if ( (keys %ErrorLines) and ($Detail >= 5) ) { print "\nErrors Reported by Host:\n"; foreach $Host (sort {$a cmp $b} keys %ErrorLines) { print " $Host:\n"; foreach $Errors (sort {$a cmp $b} keys %{$ErrorLines{$Host}}) { print " $Errors : $ErrorLines{$Host}{$Errors} Time(s)\n"; } } } if ($NoEndpoints > 0) { print "\nTransport endpoint is not connected error $NoEndpoints Time(s)\n"; } if (($#OtherList >= 0) and (not $IgnoreUnmatched)) { print "\n**Unmatched Entries**\n"; print @OtherList; } exit(0); # vi: shiftwidth=3 tabstop=3 syntax=perl et # Local Variables: # mode: perl # perl-indent-level: 3 # indent-tabs-mode: nil # End: