Re: reviewing httpd access log

From: J Moore (jaymocullmail.com)
Date: Mon Aug 02 2004 - 19:51:15 CDT


On Mon, Aug 02, 2004 at 08:24:43AM +0200, the unit calling itself Artur Grabowski wrote:
>
> > Reviewing my /var/www/logs/access_log file it seems there are a lot of
> > "bogus" entries; i.e. people trying various hacks, looking for
> > weaknesses, testing for win32, etc, etc.
> >
> > Is there a good technique for automatically identifying these
> > trouble-makers? I'd like to be able to build a "deny" table for pf to
> > halt repeat offenders, but I can't afford the time to review the logs
> > "manually".
>
> What problem are you trying to solve?
 
I can't run chrooted httpd; I have some cgi scripts that are probably
not "bullet-proof". I want to avoid a compromise.

Jay
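
One way to automate the review asked about above, as an added example that is not part of the original thread: it counts probe-like requests per client in Common Log Format lines and returns the addresses that cross a threshold. The probe patterns, the threshold, and the sample lines are assumptions constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Common Log Format: host ident user [time] "request" status bytes
CLF = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([^"]*)" (\d{3}) \S+')

# Assumed heuristic, not from the thread: request fragments typical of
# automated probes for win32 servers and directory traversal.
PROBE = re.compile(r'cmd\.exe|root\.exe|\.ida\?|/_vti_bin/|\.\./', re.I)

# Constructed sample lines using documentation address ranges.
T = "[02/Aug/2004:08:00:01 +0200]"
SAMPLE = [
    f'192.0.2.10 - - {T} "GET /scripts/..%255c../winnt/system32/cmd.exe?/c+dir HTTP/1.0" 404 280',
    f'192.0.2.10 - - {T} "GET /scripts/root.exe?/c+dir HTTP/1.0" 404 276',
    f'192.0.2.10 - - {T} "GET /default.ida?XXXX HTTP/1.0" 404 270',
    f'198.51.100.7 - - {T} "GET /index.html HTTP/1.1" 200 1043',
    f'198.51.100.7 - - {T} "GET /missing.gif HTTP/1.1" 404 210',
    f'203.0.113.5 - - {T} "GET /_vti_bin/owssvr.dll HTTP/1.0" 404 280',
    'truncated or corrupt line',
]

def offenders(lines, threshold=3):
    """Return sorted client addresses with >= threshold probe-like requests."""
    hits = Counter()
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # not CLF: skip rather than guess at the fields
        host, request = m.group(1), m.group(2)
        try:
            # Only literal IP addresses are emitted; anything else in the
            # host field (e.g. a resolved name) is ignored.
            ipaddress.ip_address(host)
        except ValueError:
            continue
        if PROBE.search(request):
            hits[host] += 1
    return sorted(h for h, n in hits.items() if n >= threshold)

if __name__ == "__main__":
    # One address per line, suitable for a pf table file.
    print("\n".join(offenders(SAMPLE)))
```

The output can be saved to a file and loaded with `pfctl -t badhosts -T add -f <file>`, where `badhosts` is an assumed table name referenced by a block rule in pf.conf. A single ordinary 404 is not counted, so a visitor following a dead link does not end up in the table.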