Thread: rkhunter and fail2ban logs not showing at ispconfig
View Single Post
  #5  
Old 7th February 2012, 09:33
RioSif RioSif is offline
Member
  
Join Date: Jan 2012
Posts: 30
Thanks: 7
Thanked 0 Times in 0 Posts
Default
Code:
System checks summary
=====================

File properties checks...
    Files checked: 137
    Suspect files: 2

Rootkit checks...
    Rootkits checked : 246
    Possible rootkits: 0

Applications checks...
    All checks skipped

The system checks took: 1 minute and 50 seconds

All results have been written to the log file (/var/log/rkhunter/rkhunter.log)

One or more warnings have been found while checking the system.
Please check the log file (/var/log/rkhunter/rkhunter.log)
I get warnings for:
Checking for hidden files and directories [ Warning ]
Checking if SSH protocol v1 is allowed [ Warning ]
/usr/bin/unhide [ Warning ]
/usr/bin/unhide-tcp [ Warning ]

which was there since forever.

for fail2ban here is the last lines of the non-empty log:
Code:
2012-02-04 13:40:57,191 fail2ban.jail   : INFO   Creating new jail 'ssh-iptables'
2012-02-04 13:40:57,194 fail2ban.jail   : INFO   Jail 'ssh-iptables' uses Gamin
2012-02-04 13:40:57,261 fail2ban.filter : INFO   Added logfile = /var/log/secure
2012-02-04 13:40:57,262 fail2ban.filter : INFO   Set maxRetry = 5
2012-02-04 13:40:57,262 fail2ban.filter : INFO   Set findtime = 600
2012-02-04 13:40:57,262 fail2ban.actions: INFO   Set banTime = 600
2012-02-04 13:40:57,315 fail2ban.jail   : INFO   Jail 'ssh-iptables' started
2012-02-04 15:14:49,107 fail2ban.actions: WARNING [ssh-iptables] Ban 1.202.148.22
2012-02-04 15:24:50,058 fail2ban.actions: WARNING [ssh-iptables] Unban 1.202.148.22
2012-02-04 17:13:58,486 fail2ban.actions: WARNING [ssh-iptables] Ban 88.208.218.199
2012-02-04 17:23:58,592 fail2ban.actions: WARNING [ssh-iptables] Unban 88.208.218.199
2012-02-04 21:46:27,468 fail2ban.actions: WARNING [ssh-iptables] Ban 212.156.126.210
2012-02-04 21:56:27,636 fail2ban.actions: WARNING [ssh-iptables] Unban 212.156.126.210
2012-02-05 03:02:08,959 fail2ban.actions: WARNING [ssh-iptables] Ban 49.254.98.187
2012-02-05 03:12:09,586 fail2ban.actions: WARNING [ssh-iptables] Unban 49.254.98.187
2012-02-05 03:34:10,542 fail2ban.filter : INFO   Log rotation detected for /var/log/secure
2012-02-05 03:35:10,606 fail2ban.filter : INFO   Log rotation detected for /var/log/secure
2012-02-05 17:10:30,482 fail2ban.actions: WARNING [ssh-iptables] Ban 210.212.250.35
2012-02-05 17:20:30,860 fail2ban.actions: WARNING [ssh-iptables] Unban 210.212.250.35
2012-02-05 18:30:09,754 fail2ban.actions: WARNING [ssh-iptables] Ban 184.107.179.242
2012-02-05 18:40:09,807 fail2ban.actions: WARNING [ssh-iptables] Unban 184.107.179.242
2012-02-05 18:53:31,804 fail2ban.jail   : INFO   Jail 'ssh-iptables' stopped
2012-02-05 18:53:31,824 fail2ban.server : INFO   Exiting Fail2ban
2012-02-05 18:56:30,726 fail2ban.server : INFO   Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.4
2012-02-05 18:56:30,726 fail2ban.jail   : INFO   Creating new jail 'ssh-iptables'
2012-02-05 18:56:30,754 fail2ban.jail   : INFO   Jail 'ssh-iptables' uses Gamin
2012-02-05 18:56:31,202 fail2ban.filter : INFO   Added logfile = /var/log/secure
2012-02-05 18:56:31,202 fail2ban.filter : INFO   Set maxRetry = 5
2012-02-05 18:56:31,220 fail2ban.filter : INFO   Set findtime = 600
2012-02-05 18:56:31,220 fail2ban.actions: INFO   Set banTime = 600
2012-02-05 18:56:31,273 fail2ban.jail   : INFO   Jail 'ssh-iptables' started
2012-02-05 18:56:34,455 fail2ban.jail   : INFO   Jail 'ssh-iptables' stopped
2012-02-05 18:56:34,456 fail2ban.server : INFO   Exiting Fail2ban
2012-02-05 18:56:35,643 fail2ban.server : INFO   Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.4
2012-02-05 18:56:35,644 fail2ban.jail   : INFO   Creating new jail 'ssh-iptables'
2012-02-05 18:56:35,644 fail2ban.jail   : INFO   Jail 'ssh-iptables' uses Gamin
2012-02-05 18:56:35,655 fail2ban.filter : INFO   Added logfile = /var/log/secure
2012-02-05 18:56:35,656 fail2ban.filter : INFO   Set maxRetry = 5
2012-02-05 18:56:35,656 fail2ban.filter : INFO   Set findtime = 600
2012-02-05 18:56:35,657 fail2ban.actions: INFO   Set banTime = 600
2012-02-05 18:56:35,711 fail2ban.jail   : INFO   Jail 'ssh-iptables' started
2012-02-05 18:57:29,770 fail2ban.jail   : INFO   Jail 'ssh-iptables' stopped
2012-02-05 18:57:29,771 fail2ban.server : INFO   Exiting Fail2ban
2012-02-05 18:59:23,555 fail2ban.server : INFO   Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.4
2012-02-05 18:59:23,555 fail2ban.jail   : INFO   Creating new jail 'ssh-iptables'
2012-02-05 18:59:23,556 fail2ban.jail   : INFO   Jail 'ssh-iptables' uses Gamin
2012-02-05 18:59:23,616 fail2ban.filter : INFO   Added logfile = /var/log/secure
2012-02-05 18:59:23,617 fail2ban.filter : INFO   Set maxRetry = 5
2012-02-05 18:59:23,618 fail2ban.filter : INFO   Set findtime = 600
2012-02-05 18:59:23,618 fail2ban.actions: INFO   Set banTime = 600
2012-02-05 18:59:23,672 fail2ban.jail   : INFO   Jail 'ssh-iptables' started
2012-02-05 18:59:26,967 fail2ban.jail   : INFO   Jail 'ssh-iptables' stopped
2012-02-05 18:59:26,967 fail2ban.server : INFO   Exiting Fail2ban
2012-02-05 18:59:28,184 fail2ban.server : INFO   Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.4
2012-02-05 18:59:28,184 fail2ban.jail   : INFO   Creating new jail 'ssh-iptables'
2012-02-05 18:59:28,185 fail2ban.jail   : INFO   Jail 'ssh-iptables' uses Gamin
2012-02-05 18:59:28,194 fail2ban.filter : INFO   Added logfile = /var/log/secure
2012-02-05 18:59:28,195 fail2ban.filter : INFO   Set maxRetry = 5
2012-02-05 18:59:28,196 fail2ban.filter : INFO   Set findtime = 600
2012-02-05 18:59:28,196 fail2ban.actions: INFO   Set banTime = 600
2012-02-05 18:59:28,249 fail2ban.jail   : INFO   Jail 'ssh-iptables' started
2012-02-06 21:40:02,482 fail2ban.jail   : INFO   Jail 'ssh-iptables' stopped
2012-02-06 21:40:02,564 fail2ban.server : INFO   Exiting Fail2ban
2012-02-06 21:42:08,946 fail2ban.server : INFO   Changed logging target to /var/log/fail2ban.log for Fail2ban v0.8.4
2012-02-06 21:42:08,959 fail2ban.jail   : INFO   Creating new jail 'ssh-iptables'
2012-02-06 21:42:08,983 fail2ban.jail   : INFO   Jail 'ssh-iptables' uses Gamin
2012-02-06 21:42:09,093 fail2ban.filter : INFO   Added logfile = /var/log/secure
2012-02-06 21:42:09,093 fail2ban.filter : INFO   Set maxRetry = 5
2012-02-06 21:42:09,095 fail2ban.filter : INFO   Set findtime = 600
2012-02-06 21:42:09,095 fail2ban.actions: INFO   Set banTime = 600
2012-02-06 21:42:09,159 fail2ban.jail   : INFO   Jail 'ssh-iptables' started
2012-02-06 22:21:17,721 fail2ban.jail   : INFO   Jail 'ssh-iptables' stopped
2012-02-06 22:21:17,734 fail2ban.server : INFO   Exiting Fail2ban
Reply With Quote