==== DATE ====
Sun Aug 31 00:38:29 WIB 2025
==== UFW STATUS (numbered) ====
Status: inactive
==== UFW LOG (last 200, filtered by IP if set) ====
==== FAIL2BAN sshd STATUS ====
==== FAIL2BAN LOG (last 200) ====
==== CSF LIST (csf -l) ====
iptables filter table
=====================
Chain INPUT (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         
1    9321K  485G LOCALINPUT  0    --  !lo    *       0.0.0.0/0            0.0.0.0/0           
2      138  7026 ACCEPT     0    --  lo     *       0.0.0.0/0            0.0.0.0/0           
3        0     0 SYNFLOOD   6    --  !lo    *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x17/0x02
4       25  1300 INVALID    6    --  !lo    *       0.0.0.0/0            0.0.0.0/0           
5        0     0 ACCEPT     1    --  !lo    *       0.0.0.0/0            0.0.0.0/0            icmptype 8 limit: avg 1/sec burst 5
6        0     0 LOGDROPIN  1    --  !lo    *       0.0.0.0/0            0.0.0.0/0            icmptype 8
7        0     0 ACCEPT     1    --  !lo    *       0.0.0.0/0            0.0.0.0/0           
8       21  1356 ACCEPT     0    --  !lo    *       0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
9        0     0 ACCEPT     6    --  !lo    *       0.0.0.0/0            0.0.0.0/0            ctstate NEW tcp dpt:22
10       0     0 ACCEPT     6    --  !lo    *       0.0.0.0/0            0.0.0.0/0            ctstate NEW tcp dpt:2222
11       0     0 ACCEPT     6    --  !lo    *       0.0.0.0/0            0.0.0.0/0            ctstate NEW tcp dpt:80
12       0     0 ACCEPT     6    --  !lo    *       0.0.0.0/0            0.0.0.0/0            ctstate NEW tcp dpt:9100
13       0     0 ACCEPT     6    --  !lo    *       0.0.0.0/0            0.0.0.0/0            ctstate NEW tcp dpt:5201
14       0     0 ACCEPT     17   --  !lo    *       0.0.0.0/0            0.0.0.0/0            ctstate NEW udp dpt:5201
15      48 21365 LOGDROPIN  0    --  !lo    *       0.0.0.0/0            0.0.0.0/0           

Chain FORWARD (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy DROP 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         
1    4417K  232M LOCALOUTPUT  0    --  *      !lo     0.0.0.0/0            0.0.0.0/0           
2        0     0 ACCEPT     6    --  *      !lo     0.0.0.0/0            0.0.0.0/0            tcp dpt:53
3        0     0 ACCEPT     17   --  *      !lo     0.0.0.0/0            0.0.0.0/0            udp dpt:53
4        0     0 ACCEPT     6    --  *      !lo     0.0.0.0/0            0.0.0.0/0            tcp spt:53
5        0     0 ACCEPT     17   --  *      !lo     0.0.0.0/0            0.0.0.0/0            udp spt:53
6      138  7026 ACCEPT     0    --  *      lo      0.0.0.0/0            0.0.0.0/0           
7    4417K  230M INVALID    6    --  *      !lo     0.0.0.0/0            0.0.0.0/0           
8        0     0 ACCEPT     1    --  *      !lo     0.0.0.0/0            0.0.0.0/0           
9    4417K  230M ACCEPT     0    --  *      !lo     0.0.0.0/0            0.0.0.0/0            ctstate RELATED,ESTABLISHED
10       0     0 ACCEPT     6    --  *      !lo     0.0.0.0/0            0.0.0.0/0            ctstate NEW tcp dpts:1:65535
11      11   836 ACCEPT     17   --  *      !lo     0.0.0.0/0            0.0.0.0/0            ctstate NEW udp dpts:1:65535
12       0     0 LOGDROPOUT  0    --  *      !lo     0.0.0.0/0            0.0.0.0/0           

Chain ALLOWIN (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1       94 21196 ACCEPT     6    --  !lo    *       0.0.0.0/0            0.0.0.0/0            tcp dpt:2222
2        0     0 ACCEPT     6    --  !lo    *       192.168.55.122       0.0.0.0/0            tcp dpt:2222
3        0     0 ACCEPT     17   --  !lo    *       192.168.55.122       0.0.0.0/0            udp dpt:5201
4    9320K  485G ACCEPT     6    --  !lo    *       192.168.55.122       0.0.0.0/0            tcp dpt:5201
5        0     0 ACCEPT     6    --  !lo    *       192.168.55.122       0.0.0.0/0            tcp dpt:80
6      735 84336 ACCEPT     6    --  !lo    *       192.168.55.118       0.0.0.0/0            tcp dpt:9100
7        0     0 ACCEPT     6    --  !lo    *       192.168.55.118       0.0.0.0/0            tcp dpt:9100
8        0     0 ACCEPT     0    --  !lo    *       192.168.55.118       0.0.0.0/0           
9        4   541 ACCEPT     0    --  !lo    *       192.168.48.1         0.0.0.0/0           

Chain ALLOWOUT (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1      672 2209K ACCEPT     0    --  *      !lo     0.0.0.0/0            192.168.55.118      
2        1    73 ACCEPT     0    --  *      !lo     0.0.0.0/0            192.168.48.1        

Chain DENYIN (1 references)
num   pkts bytes target     prot opt in     out     source               destination         

Chain DENYOUT (1 references)
num   pkts bytes target     prot opt in     out     source               destination         

Chain INVALID (2 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 INVDROP    0    --  *      *       0.0.0.0/0            0.0.0.0/0            ctstate INVALID
2        0     0 INVDROP    6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x3F/0x00
3        0     0 INVDROP    6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x3F/0x3F
4        0     0 INVDROP    6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x03/0x03
5        0     0 INVDROP    6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x06/0x06
6        0     0 INVDROP    6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x05/0x05
7        0     0 INVDROP    6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x11/0x01
8        0     0 INVDROP    6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x18/0x08
9        0     0 INVDROP    6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x30/0x20
10       0     0 INVDROP    6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:!0x17/0x02 ctstate NEW

Chain INVDROP (10 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 DROP       0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain LOCALINPUT (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1    9321K  485G ALLOWIN    0    --  !lo    *       0.0.0.0/0            0.0.0.0/0           
2       59 22201 DENYIN     0    --  !lo    *       0.0.0.0/0            0.0.0.0/0           

Chain LOCALOUTPUT (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1    4417K  232M ALLOWOUT   0    --  *      !lo     0.0.0.0/0            0.0.0.0/0           
2    4417K  230M DENYOUT    0    --  *      !lo     0.0.0.0/0            0.0.0.0/0           
3       11   836 UDPFLOOD   17   --  *      !lo     0.0.0.0/0            0.0.0.0/0           

Chain LOGDROPIN (2 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 DROP       6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:23
2        0     0 DROP       17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:23
3        0     0 DROP       6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:67
4        1   328 DROP       17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:67
5        0     0 DROP       6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:68
6        1   576 DROP       17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:68
7        0     0 DROP       6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:111
8        0     0 DROP       17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:111
9        0     0 DROP       6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:113
10       0     0 DROP       17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:113
11       0     0 DROP       6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpts:135:139
12       5   523 DROP       17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpts:135:139
13       0     0 DROP       6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:445
14       0     0 DROP       17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:445
15       0     0 DROP       6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:500
16       0     0 DROP       17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:500
17       0     0 DROP       6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:513
18       0     0 DROP       17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:513
19       0     0 DROP       6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp dpt:520
20       0     0 DROP       17   --  *      *       0.0.0.0/0            0.0.0.0/0            udp dpt:520
21       0     0 LOG        6    --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *TCP_IN Blocked* "
22      29 13960 LOG        17   --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *UDP_IN Blocked* "
23       0     0 LOG        1    --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *ICMP_IN Blocked* "
24      41 19938 DROP       0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain LOGDROPOUT (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 LOG        6    --  *      *       0.0.0.0/0            0.0.0.0/0            tcp flags:0x17/0x02 limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *TCP_OUT Blocked* "
2        0     0 LOG        17   --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *UDP_OUT Blocked* "
3        0     0 LOG        1    --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *ICMP_OUT Blocked* "
4        0     0 REJECT     0    --  *      *       0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable

Chain SYNFLOOD (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 RETURN     0    --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 100/sec burst 150
2        0     0 LOG        0    --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 30/min burst 5 LOG flags 0 level 4 prefix "Firewall: *SYNFLOOD Blocked* "
3        0     0 DROP       0    --  *      *       0.0.0.0/0            0.0.0.0/0           

Chain UDPFLOOD (1 references)
num   pkts bytes target     prot opt in     out     source               destination         
1        0     0 RETURN     17   --  *      *       0.0.0.0/0            0.0.0.0/0            owner UID match 0
2       11   836 RETURN     17   --  *      !lo     0.0.0.0/0            0.0.0.0/0            limit: avg 100/sec burst 500
3        0     0 LOG        0    --  *      *       0.0.0.0/0            0.0.0.0/0            limit: avg 30/min burst 5 LOG flags 8 level 4 prefix "Firewall: *UDPFLOOD* "
4        0     0 REJECT     17   --  *      !lo     0.0.0.0/0            0.0.0.0/0            reject-with icmp-port-unreachable


iptables mangle table
=====================
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         


iptables raw table
==================
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         


iptables nat table
==================
Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         

Chain POSTROUTING (policy ACCEPT 0 packets, 0 bytes)
num   pkts bytes target     prot opt in     out     source               destination         
==== CSF GREP ATTACKER (csf -g) ====

Table  Chain            num   pkts bytes target     prot opt in     out     source               destination         

filter ALLOWIN          2        0     0 ACCEPT     6    --  !lo    *       192.168.55.122       0.0.0.0/0            tcp dpt:2222
filter ALLOWIN          3        0     0 ACCEPT     17   --  !lo    *       192.168.55.122       0.0.0.0/0            udp dpt:5201
filter ALLOWIN          4    9320K  485G ACCEPT     6    --  !lo    *       192.168.55.122       0.0.0.0/0            tcp dpt:5201
filter ALLOWIN          5        0     0 ACCEPT     6    --  !lo    *       192.168.55.122       0.0.0.0/0            tcp dpt:80
==== LFD LOG (last 200) ====
Aug 31 00:21:29 sut lfd[3740]: System Integrity Tracking...
Aug 31 00:21:29 sut lfd[3740]: Exploit Tracking...
Aug 31 00:21:29 sut lfd[3740]: Directory Watching...
Aug 31 00:21:29 sut lfd[3740]: Process Tracking...
Aug 31 00:21:29 sut lfd[3740]: Account Tracking...
Aug 31 00:21:29 sut lfd[3740]: SSH Tracking...
Aug 31 00:21:29 sut lfd[3740]: Webmin Tracking...
Aug 31 00:21:29 sut lfd[3740]: SU Tracking...
Aug 31 00:21:29 sut lfd[3740]: Console Tracking...
Aug 31 00:21:29 sut lfd[3740]: Watching /var/log/lfd.log...
Aug 31 00:21:29 sut lfd[3740]: Watching /var/log/messages...
Aug 31 00:21:29 sut lfd[3740]: Watching /var/log/auth.log...
Aug 31 00:21:29 sut lfd[3740]: Watching /var/log/syslog...
Aug 31 00:21:29 sut lfd[3740]: Watching /var/log/apache2/error.log...
Aug 31 00:21:29 sut lfd[3740]: Watching /var/log/secure...
Aug 31 00:21:29 sut lfd[3740]: Watching /var/log/customlog...
Aug 31 00:21:29 sut lfd[3755]: *User Processing* PID:679 Kill:0 User:prometheus VM:1574(MB) EXE:/usr/bin/prometheus-node-exporter CMD:/usr/bin/prometheus-node-exporter --web.listen-address=0.0.0.0:9100 --collector.textfile.directory=/var/lib/node_exporter/text
Aug 31 00:21:29 sut lfd[3752]: Main Process: TERM
Aug 31 00:21:29 sut lfd[3752]: daemon stopped
Aug 31 00:21:29 sut lfd[3755]: Main Process: TERM
Aug 31 00:21:29 sut lfd[3755]: daemon stopped
Aug 31 00:21:29 sut lfd[3756]: Main Process: TERM
Aug 31 00:21:29 sut lfd[3740]: Main Process: TERM
Aug 31 00:21:29 sut lfd[3756]: daemon stopped
Aug 31 00:21:29 sut lfd[3740]: daemon stopped
Aug 31 00:21:29 sut lfd[3886]: daemon started on sut - csf v14.24 (generic)
Aug 31 00:21:29 sut lfd[3886]: LF_APACHE_ERRPORT: Set to [2]
Aug 31 00:21:29 sut lfd[3886]: Log Scanner...
Aug 31 00:21:29 sut lfd[3886]: CSF Tracking...
Aug 31 00:21:29 sut lfd[3886]: LOAD Tracking...
Aug 31 00:21:29 sut lfd[3886]: Country Code Lookups...
Aug 31 00:21:29 sut lfd[3886]: System Integrity Tracking...
Aug 31 00:21:29 sut lfd[3886]: Exploit Tracking...
Aug 31 00:21:29 sut lfd[3886]: Directory Watching...
Aug 31 00:21:29 sut lfd[3886]: Process Tracking...
Aug 31 00:21:29 sut lfd[3886]: Account Tracking...
Aug 31 00:21:29 sut lfd[3886]: SSH Tracking...
Aug 31 00:21:29 sut lfd[3886]: Webmin Tracking...
Aug 31 00:21:29 sut lfd[3886]: SU Tracking...
Aug 31 00:21:29 sut lfd[3886]: Console Tracking...
Aug 31 00:21:29 sut lfd[3886]: Watching /var/log/auth.log...
Aug 31 00:21:29 sut lfd[3886]: Watching /var/log/apache2/error.log...
Aug 31 00:21:29 sut lfd[3886]: Watching /var/log/messages...
Aug 31 00:21:29 sut lfd[3886]: Watching /var/log/secure...
Aug 31 00:21:29 sut lfd[3886]: Watching /var/log/customlog...
Aug 31 00:21:29 sut lfd[3886]: Watching /var/log/lfd.log...
Aug 31 00:21:29 sut lfd[3886]: Watching /var/log/syslog...
Aug 31 00:21:29 sut lfd[3898]: *User Processing* PID:679 Kill:0 User:prometheus VM:1574(MB) EXE:/usr/bin/prometheus-node-exporter CMD:/usr/bin/prometheus-node-exporter --web.listen-address=0.0.0.0:9100 --collector.textfile.directory=/var/lib/node_exporter/text
Aug 31 00:21:34 sut lfd[3886]: csf (re)start requested - running *csf startup*...
Aug 31 00:21:35 sut lfd[3886]: csf (re)start completed
Aug 31 00:21:35 sut lfd[4144]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:21:35 sut lfd[4146]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:21:35 sut lfd[4156]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:21:35 sut lfd[4162]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:21:35 sut lfd[4168]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:21:40 sut lfd[4210]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:22:15 sut lfd[4237]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:29:40 sut lfd[5160]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:29:41 sut lfd[3886]: Main Process: TERM
Aug 31 00:29:41 sut lfd[5160]: Main Process: TERM
Aug 31 00:29:41 sut lfd[3886]: daemon stopped
Aug 31 00:29:41 sut lfd[5160]: daemon stopped
Aug 31 00:29:41 sut lfd[5355]: daemon started on sut - csf v14.24 (generic)
Aug 31 00:29:41 sut lfd[5355]: LF_APACHE_ERRPORT: Set to [2]
Aug 31 00:29:41 sut lfd[5355]: Log Scanner...
Aug 31 00:29:41 sut lfd[5355]: CSF Tracking...
Aug 31 00:29:41 sut lfd[5355]: LOAD Tracking...
Aug 31 00:29:41 sut lfd[5355]: Country Code Lookups...
Aug 31 00:29:41 sut lfd[5355]: System Integrity Tracking...
Aug 31 00:29:41 sut lfd[5355]: Exploit Tracking...
Aug 31 00:29:41 sut lfd[5355]: Directory Watching...
Aug 31 00:29:41 sut lfd[5355]: Process Tracking...
Aug 31 00:29:41 sut lfd[5355]: Account Tracking...
Aug 31 00:29:41 sut lfd[5355]: SSH Tracking...
Aug 31 00:29:41 sut lfd[5355]: Webmin Tracking...
Aug 31 00:29:41 sut lfd[5355]: SU Tracking...
Aug 31 00:29:41 sut lfd[5355]: Console Tracking...
Aug 31 00:29:41 sut lfd[5355]: Watching /var/log/secure...
Aug 31 00:29:41 sut lfd[5355]: Watching /var/log/lfd.log...
Aug 31 00:29:41 sut lfd[5355]: Watching /var/log/apache2/error.log...
Aug 31 00:29:41 sut lfd[5355]: Watching /var/log/customlog...
Aug 31 00:29:41 sut lfd[5355]: Watching /var/log/messages...
Aug 31 00:29:41 sut lfd[5355]: Watching /var/log/auth.log...
Aug 31 00:29:41 sut lfd[5355]: Watching /var/log/syslog...
Aug 31 00:29:41 sut lfd[5368]: *User Processing* PID:679 Kill:0 User:prometheus VM:1574(MB) EXE:/usr/bin/prometheus-node-exporter CMD:/usr/bin/prometheus-node-exporter --web.listen-address=0.0.0.0:9100 --collector.textfile.directory=/var/lib/node_exporter/text
Aug 31 00:30:41 sut lfd[5373]: Child : *Lock Error* [PT_INTERVAL] still active - section skipped
Aug 31 00:31:12 sut lfd[5386]: daemon started on sut - csf v14.24 (generic)
Aug 31 00:31:12 sut lfd[5386]: LF_APACHE_ERRPORT: Set to [2]
Aug 31 00:31:12 sut lfd[5386]: Log Scanner...
Aug 31 00:31:12 sut lfd[5386]: CSF Tracking...
Aug 31 00:31:12 sut lfd[5386]: LOAD Tracking...
Aug 31 00:31:12 sut lfd[5386]: Country Code Lookups...
Aug 31 00:31:12 sut lfd[5386]: System Integrity Tracking...
Aug 31 00:31:12 sut lfd[5386]: Exploit Tracking...
Aug 31 00:31:12 sut lfd[5386]: Directory Watching...
Aug 31 00:31:12 sut lfd[5386]: Process Tracking...
Aug 31 00:31:12 sut lfd[5386]: Account Tracking...
Aug 31 00:31:12 sut lfd[5386]: SSH Tracking...
Aug 31 00:31:12 sut lfd[5386]: Webmin Tracking...
Aug 31 00:31:12 sut lfd[5386]: SU Tracking...
Aug 31 00:31:12 sut lfd[5386]: Console Tracking...
Aug 31 00:31:12 sut lfd[5386]: Watching /var/log/secure...
Aug 31 00:31:12 sut lfd[5386]: Watching /var/log/syslog...
Aug 31 00:31:12 sut lfd[5386]: Watching /var/log/lfd.log...
Aug 31 00:31:12 sut lfd[5386]: Watching /var/log/auth.log...
Aug 31 00:31:12 sut lfd[5386]: Watching /var/log/messages...
Aug 31 00:31:12 sut lfd[5386]: Watching /var/log/customlog...
Aug 31 00:31:12 sut lfd[5386]: Watching /var/log/apache2/error.log...
Aug 31 00:31:12 sut lfd[5399]: *User Processing* PID:679 Kill:0 User:prometheus VM:1574(MB) EXE:/usr/bin/prometheus-node-exporter CMD:/usr/bin/prometheus-node-exporter --web.listen-address=0.0.0.0:9100 --collector.textfile.directory=/var/lib/node_exporter/text
Aug 31 00:31:17 sut lfd[5424]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:32:12 sut lfd[5436]: Child : *Lock Error* [PT_INTERVAL] still active - section skipped
Aug 31 00:32:17 sut lfd[5462]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:33:17 sut lfd[5530]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:33:18 sut lfd[5386]: Main Process: TERM
Aug 31 00:33:18 sut lfd[5530]: Main Process: TERM
Aug 31 00:33:18 sut lfd[5386]: daemon stopped
Aug 31 00:33:18 sut lfd[5704]: daemon started on sut - csf v14.24 (generic)
Aug 31 00:33:18 sut lfd[5704]: LF_APACHE_ERRPORT: Set to [2]
Aug 31 00:33:18 sut lfd[5704]: Log Scanner...
Aug 31 00:33:18 sut lfd[5704]: CSF Tracking...
Aug 31 00:33:18 sut lfd[5704]: LOAD Tracking...
Aug 31 00:33:18 sut lfd[5704]: Country Code Lookups...
Aug 31 00:33:18 sut lfd[5704]: System Integrity Tracking...
Aug 31 00:33:18 sut lfd[5704]: Exploit Tracking...
Aug 31 00:33:18 sut lfd[5704]: Directory Watching...
Aug 31 00:33:18 sut lfd[5704]: Process Tracking...
Aug 31 00:33:18 sut lfd[5704]: Account Tracking...
Aug 31 00:33:18 sut lfd[5704]: SSH Tracking...
Aug 31 00:33:18 sut lfd[5704]: Webmin Tracking...
Aug 31 00:33:18 sut lfd[5704]: SU Tracking...
Aug 31 00:33:18 sut lfd[5704]: Console Tracking...
Aug 31 00:33:18 sut lfd[5704]: Watching /var/log/apache2/error.log...
Aug 31 00:33:18 sut lfd[5704]: Watching /var/log/auth.log...
Aug 31 00:33:18 sut lfd[5704]: Watching /var/log/messages...
Aug 31 00:33:18 sut lfd[5704]: Watching /var/log/lfd.log...
Aug 31 00:33:18 sut lfd[5704]: Watching /var/log/customlog...
Aug 31 00:33:18 sut lfd[5704]: Watching /var/log/syslog...
Aug 31 00:33:18 sut lfd[5704]: Watching /var/log/secure...
Aug 31 00:33:18 sut lfd[5717]: *User Processing* PID:679 Kill:0 User:prometheus VM:1574(MB) EXE:/usr/bin/prometheus-node-exporter CMD:/usr/bin/prometheus-node-exporter --web.listen-address=0.0.0.0:9100 --collector.textfile.directory=/var/lib/node_exporter/text
Aug 31 00:34:18 sut lfd[5722]: Child : *Lock Error* [PT_INTERVAL] still active - section skipped
Aug 31 00:34:48 sut lfd[5991]: daemon started on sut - csf v14.24 (generic)
Aug 31 00:34:48 sut lfd[5991]: LF_APACHE_ERRPORT: Set to [2]
Aug 31 00:34:48 sut lfd[5991]: Log Scanner...
Aug 31 00:34:48 sut lfd[5991]: CSF Tracking...
Aug 31 00:34:48 sut lfd[5991]: LOAD Tracking...
Aug 31 00:34:48 sut lfd[5991]: Country Code Lookups...
Aug 31 00:34:48 sut lfd[5991]: System Integrity Tracking...
Aug 31 00:34:48 sut lfd[5991]: Exploit Tracking...
Aug 31 00:34:48 sut lfd[5991]: Directory Watching...
Aug 31 00:34:48 sut lfd[5991]: Process Tracking...
Aug 31 00:34:48 sut lfd[5991]: Account Tracking...
Aug 31 00:34:48 sut lfd[5991]: SSH Tracking...
Aug 31 00:34:48 sut lfd[5991]: Webmin Tracking...
Aug 31 00:34:48 sut lfd[5991]: SU Tracking...
Aug 31 00:34:48 sut lfd[5991]: Console Tracking...
Aug 31 00:34:48 sut lfd[5991]: Watching /var/log/lfd.log...
Aug 31 00:34:48 sut lfd[5991]: Watching /var/log/customlog...
Aug 31 00:34:48 sut lfd[5991]: Watching /var/log/messages...
Aug 31 00:34:48 sut lfd[5991]: Watching /var/log/auth.log...
Aug 31 00:34:48 sut lfd[5991]: Watching /var/log/secure...
Aug 31 00:34:48 sut lfd[5991]: Watching /var/log/apache2/error.log...
Aug 31 00:34:48 sut lfd[5991]: Watching /var/log/syslog...
Aug 31 00:34:48 sut lfd[6004]: *User Processing* PID:679 Kill:0 User:prometheus VM:1574(MB) EXE:/usr/bin/prometheus-node-exporter CMD:/usr/bin/prometheus-node-exporter --web.listen-address=0.0.0.0:9100 --collector.textfile.directory=/var/lib/node_exporter/text
Aug 31 00:34:53 sut lfd[6028]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:35:48 sut lfd[6039]: Child : *Lock Error* [PT_INTERVAL] still active - section skipped
Aug 31 00:35:53 sut lfd[6065]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:36:23 sut lfd[6116]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:36:24 sut lfd[5991]: Main Process: TERM
Aug 31 00:36:24 sut lfd[5991]: daemon stopped
Aug 31 00:36:24 sut lfd[6065]: Main Process: TERM
Aug 31 00:36:24 sut lfd[6302]: Main Process: TERM
Aug 31 00:36:24 sut lfd[6302]: daemon stopped
Aug 31 00:36:25 sut lfd[6316]: daemon started on sut - csf v14.24 (generic)
Aug 31 00:36:25 sut lfd[6316]: LF_APACHE_ERRPORT: Set to [2]
Aug 31 00:36:25 sut lfd[6316]: Log Scanner...
Aug 31 00:36:25 sut lfd[6316]: CSF Tracking...
Aug 31 00:36:25 sut lfd[6316]: LOAD Tracking...
Aug 31 00:36:25 sut lfd[6316]: Country Code Lookups...
Aug 31 00:36:25 sut lfd[6316]: System Integrity Tracking...
Aug 31 00:36:25 sut lfd[6316]: Exploit Tracking...
Aug 31 00:36:25 sut lfd[6316]: Directory Watching...
Aug 31 00:36:25 sut lfd[6316]: Process Tracking...
Aug 31 00:36:25 sut lfd[6316]: Account Tracking...
Aug 31 00:36:25 sut lfd[6316]: SSH Tracking...
Aug 31 00:36:25 sut lfd[6316]: Webmin Tracking...
Aug 31 00:36:25 sut lfd[6316]: SU Tracking...
Aug 31 00:36:25 sut lfd[6316]: Console Tracking...
Aug 31 00:36:25 sut lfd[6316]: Watching /var/log/syslog...
Aug 31 00:36:25 sut lfd[6316]: Watching /var/log/auth.log...
Aug 31 00:36:25 sut lfd[6316]: Watching /var/log/customlog...
Aug 31 00:36:25 sut lfd[6316]: Watching /var/log/secure...
Aug 31 00:36:25 sut lfd[6316]: Watching /var/log/messages...
Aug 31 00:36:25 sut lfd[6316]: Watching /var/log/lfd.log...
Aug 31 00:36:25 sut lfd[6316]: Watching /var/log/apache2/error.log...
Aug 31 00:36:25 sut lfd[6329]: *User Processing* PID:679 Kill:0 User:prometheus VM:1574(MB) EXE:/usr/bin/prometheus-node-exporter CMD:/usr/bin/prometheus-node-exporter --web.listen-address=0.0.0.0:9100 --collector.textfile.directory=/var/lib/node_exporter/text
Aug 31 00:36:30 sut lfd[6354]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:37:25 sut lfd[6364]: Child : *Lock Error* [PT_INTERVAL] still active - section skipped
Aug 31 00:37:30 sut lfd[6423]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:37:30 sut lfd[6425]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
Aug 31 00:38:30 sut lfd[6484]: *SSH login* from 192.168.55.222 into the root account using publickey authentication
