Help with log analysis please

beesond001 at hawaii.rr.com beesond001 at hawaii.rr.com
Wed Aug 1 00:07:06 PDT 2001 

Whenever,

	Thanks very much!

Ben 

>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<

On 7/30/01, 7:27:36 PM, whenever <whatever at whoever.net> wrote regarding 
[luau] Re: Help with log analysis please:


> you are looking at  apache log, they are trying to redirect from your 
apache server, but got a 404 (error, no such page), it happened all the 
time, nothing to worry about.

> On Tue, Jul 31, 2001 at 05:17:42AM +0000, beesond001 at hawaii.rr.com wrote:
> > To all,
> >     As I was going through some of my logs today I noticed something 
curious
> > and as I began digging deeper, I began to get that sinking feeling.  Now,
> > I am no expert, and I would sure appreciate it if you guys could help me
> > decipher this and tell me if my hunch is correct.  My hunch is that the
> > following IP addresses have borrowed my computer to try and visit a few
> > web sites with...  My other hunch is that I should have caught it sooner,
> >  but that is a different story...
> > 65.34.103.143 - - [30/Jul/2001:01:18:11 -1000] "GET http://www.s3.com/
> > HTTP/1.1" 404 301
> > 61.144.144.190 - - [19/Jul/2001:00:37:47 -1000] "GET
> > http://www.yahoo.com/ HTTP/1.1" 404 304
> > 61.144.141.144 - - [20/Jul/2001:23:50:25 -1000] "GET
> > http://www.yahoo.com/ HTTP/1.1" 404 304
> > 128.132.37.68 - - [07/Jul/2001:06:42:54 -1000] "GET
> > http://www.mpogd.com/gotm/ HTTP/1.1" 404 309
> >  Now just for grins I ran "last" and no one here was logged in at these
> > times.
> >     Now, I have also noticed a bunch of chicanery in my logs this month, 
and
> > it appears that my firewall has stopped all the stuff I see in
> > /var/log/messages.  This stuff showed up elsewhere and now I am beginning
> > to feel that  something a little more is up.
> >     What I would like is if someone could provide me some tips for 
figuring
> > out how these log entries appeared and what I should do to plug those
> > holes.  I will be willing to share log files etc, but I don't wish to
> > post them to the list a) in their present form, and also b) to save a
> > little space on the server.
> >
> > Thanks in advance,
> > Ben
> >
> > ---
> > You are currently subscribed to luau as: whatever at whoever.net
> > To unsubscribe send a blank email to leave-luau-436Q at list.luau.hi.net

> --
> "Linux: the operating system with a CLUE... Command Line User 
Environment"

> ---
> You are currently subscribed to luau as: beesond001 at hawaii.rr.com
> To unsubscribe send a blank email to $subst('Email.Unsub')
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freesoftwarehawaii.org/pipermail/luau-freesoftwarehawaii.org/attachments/20010801/c0e483a2/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/rtf
Size: 7961 bytes
Desc: filename="text1.rtf"
URL: <http://lists.freesoftwarehawaii.org/pipermail/luau-freesoftwarehawaii.org/attachments/20010801/c0e483a2/attachment-0001.rtf>

More information about the LUAU mailing list