Suche:Hilfe bei Interpretation einer Logdatei.

[Johannes7146]

Hallo zusammen,
ich bin nicht sooo der Linux-Guru und habe daher eine frage.
Ich habe einen V-Server. Darauf läuft ein Apache-Webserver.
Dieser ist in letzterzeit zeitweise nicht zu erreichen.

Prozessor auslastung ist minimal. Speicherauslastung ebenso.
Nun habe ich mir die logs mal durchgeschaut uns sowas hier entdeckt:

Nov 10 15:08:19 lvps83-169-22-101 postfix/smtpd[5661]: connect from unknown[59.58.240.82]
Nov 10 15:08:20 lvps83-169-22-101 postfix/smtpd[5683]: connect from unknown[59.58.240.82]
Nov 10 15:08:23 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:23 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:24 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:24 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:26 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:26 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:27 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:27 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:28 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:28 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:29 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:29 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:30 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:30 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:31 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:31 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:32 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:32 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:33 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:33 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:34 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:34 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:35 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:35 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:37 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:37 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:37 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:37 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:38 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:38 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:39 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:39 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:40 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:40 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:42 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:42 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:43 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:43 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:45 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:45 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:47 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:47 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:49 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:49 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:52 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:52 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:53 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:53 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:56 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:56 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:08:57 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:08:57 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:00 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:00 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:01 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:01 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:05 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:05 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:06 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:06 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:10 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:10 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:12 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:12 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:14 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:14 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:17 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:17 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:19 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:19 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:21 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:21 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:24 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:24 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:25 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:25 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:28 lvps83-169-22-101 postfix/smtpd[5683]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:28 lvps83-169-22-101 postfix/smtpd[5683]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:29 lvps83-169-22-101 postfix/smtpd[5661]: warning: SASL authentication failure: cannot connect to saslauthd server: Permission denied
Nov 10 15:09:29 lvps83-169-22-101 postfix/smtpd[5661]: warning: unknown[59.58.240.82]: SASL LOGIN authentication failed: generic failure
Nov 10 15:09:30 lvps83-169-22-101 postfix/smtpd[5683]: too many errors after AUTH from unknown[59.58.240.82]
Nov 10 15:09:30 lvps83-169-22-101 postfix/smtpd[5683]: disconnect from unknown[59.58.240.82]
Nov 10 15:09:31 lvps83-169-22-101 postfix/smtpd[5661]: too many errors after AUTH from unknown[59.58.240.82]
Nov 10 15:09:31 lvps83-169-22-101 postfix/smtpd[5661]: disconnect from unknown[59.58.240.82]
Nov 10 15:12:51 lvps83-169-22-101 postfix/anvil[5687]: statistics: max connection rate 2/60s for (smtp:59.58.240.82) at Nov 10 15:08:20
Nov 10 15:12:51 lvps83-169-22-101 postfix/anvil[5687]: statistics: max connection count 2 for (smtp:59.58.240.82) at Nov 10 15:08:20
Nov 10 15:12:51 lvps83-169-22-101 postfix/anvil[5687]: statistics: max cache size 1 at Nov 10 15:08:1

Für micht sieht das so aus wie eine bruteforce attacke auf meinen Mailserver.
Liege ich da richtig oder kann mir sonst jemand sagen was das genau ist?

 

[olqs]

Hmm scheint eher so als möchte sich einer am Mailserver (SMTP) authentifizieren und der Mailserver findet dein SASL Backend nicht.
saslauthd scheint nicht zu laufen bzw passt was nicht mit Berechtigungen