Help with log analysis please
beesond001 at hawaii.rr.com
beesond001 at hawaii.rr.com
Mon Jul 30 22:17:42 PDT 2001
To all,
As I was going through some of my logs today I noticed something curious
and as I began digging deeper, I began to get that sinking feeling. Now,
I am no expert, and I would sure appreciate it if you guys could help me
decipher this and tell me if my hunch is correct. My hunch is that the
following IP addresses have borrowed my computer to try and visit a few
web sites with... My other hunch is that I should have caught it sooner,
but that is a different story...
65.34.103.143 - - [30/Jul/2001:01:18:11 -1000] "GET http://www.s3.com/
HTTP/1.1" 404 301
61.144.144.190 - - [19/Jul/2001:00:37:47 -1000] "GET
http://www.yahoo.com/ HTTP/1.1" 404 304
61.144.141.144 - - [20/Jul/2001:23:50:25 -1000] "GET
http://www.yahoo.com/ HTTP/1.1" 404 304
128.132.37.68 - - [07/Jul/2001:06:42:54 -1000] "GET
http://www.mpogd.com/gotm/ HTTP/1.1" 404 309
Now just for grins I ran "last" and no one here was logged in at these
times.
Now, I have also noticed a bunch of chicanery in my logs this month, and
it appears that my firewall has stopped all the stuff I see in
/var/log/messages. This stuff showed up elsewhere and now I am beginning
to feel that something a little more is up.
What I would like is if someone could provide me some tips for figuring
out how these log entries appeared and what I should do to plug those
holes. I will be willing to share log files etc, but I don't wish to
post them to the list a) in their present form, and also b) to save a
little space on the server.
Thanks in advance,
Ben
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.freesoftwarehawaii.org/pipermail/luau-freesoftwarehawaii.org/attachments/20010731/d67c1e2a/attachment-0001.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/rtf
Size: 5686 bytes
Desc: filename="text1.rtf"
URL: <http://lists.freesoftwarehawaii.org/pipermail/luau-freesoftwarehawaii.org/attachments/20010731/d67c1e2a/attachment-0001.rtf>
More information about the LUAU
mailing list