Help with log analysis please
beesond001 at hawaii.rr.com
beesond001 at hawaii.rr.com
Wed Aug 1 00:07:06 PDT 2001
Whenever,
Thanks very much!
Ben
>>>>>>>>>>>>>>>>>> Original Message <<<<<<<<<<<<<<<<<<
On 7/30/01, 7:27:36 PM, whenever <whatever at whoever.net> wrote regarding
[luau] Re: Help with log analysis please:
> you are looking at apache log, they are trying to redirect from your
apache server, but got a 404 (error, no such page), it happened all the
time, nothing to worry about.
> On Tue, Jul 31, 2001 at 05:17:42AM +0000, beesond001 at hawaii.rr.com wrote:
> > To all,
> > As I was going through some of my logs today I noticed something
curious
> > and as I began digging deeper, I began to get that sinking feeling. Now,
> > I am no expert, and I would sure appreciate it if you guys could help me
> > decipher this and tell me if my hunch is correct. My hunch is that the
> > following IP addresses have borrowed my computer to try and visit a few
> > web sites with... My other hunch is that I should have caught it sooner,
> > but that is a different story...
> > 65.34.103.143 - - [30/Jul/2001:01:18:11 -1000] "GET http://www.s3.com/
> > HTTP/1.1" 404 301
> > 61.144.144.190 - - [19/Jul/2001:00:37:47 -1000] "GET
> > http://www.yahoo.com/ HTTP/1.1" 404 304
> > 61.144.141.144 - - [20/Jul/2001:23:50:25 -1000] "GET
> > http://www.yahoo.com/ HTTP/1.1" 404 304
> > 128.132.37.68 - - [07/Jul/2001:06:42:54 -1000] "GET
> > http://www.mpogd.com/gotm/ HTTP/1.1" 404 309
> > Now just for grins I ran "last" and no one here was logged in at these
> > times.
> > Now, I have also noticed a bunch of chicanery in my logs this month,
and
> > it appears that my firewall has stopped all the stuff I see in
> > /var/log/messages. This stuff showed up elsewhere and now I am beginning
> > to feel that something a little more is up.
> > What I would like is if someone could provide me some tips for
figuring
> > out how these log entries appeared and what I should do to plug those
> > holes. I will be willing to share log files etc, but I don't wish to
> > post them to the list a) in their present form, and also b) to save a
> > little space on the server.
> >
> > Thanks in advance,
> > Ben
> >
> > ---
> > You are currently subscribed to luau as: whatever at whoever.net
> > To unsubscribe send a blank email to leave-luau-436Q at list.luau.hi.net
> --
> "Linux: the operating system with a CLUE... Command Line User
Environment"
> ---
> You are currently subscribed to luau as: beesond001 at hawaii.rr.com
> To unsubscribe send a blank email to $subst('Email.Unsub')
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freesoftwarehawaii.org/pipermail/luau-freesoftwarehawaii.org/attachments/20010801/c0e483a2/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/rtf
Size: 7961 bytes
Desc: filename="text1.rtf"
URL: <http://lists.freesoftwarehawaii.org/pipermail/luau-freesoftwarehawaii.org/attachments/20010801/c0e483a2/attachment-0001.rtf>
More information about the LUAU
mailing list